[ Answered on the internal list, repeated here for the other audience ]
Chris Gerhard wrote:
How can I map what appears to be the default the "SYSTEM" group on
windows XP to a group on Solaris? I always end up with an ephemeral
group for that?
SYSTEM (aka "Local System", S-1-5-18) is hardwired to 2147483648. It's not
exactly an ephemeral ID; it's more of a reserved ID. I think this is so
that something in the CIFS server can automatically add it to an ACL in
some cases, but I don't know the details.
v-ss7410b-gmp03# idmap list
add "winuser:cjg.uk.sun.com\\cjg" unixuser:cg13442
add "wingroup:cjg.uk.sun.com\\smbstaff" unixgroup:staff
add -d "wingroup:*\\SYSTEM" unixgroup:sys
v-ss7410b-gmp03# ls -dv My*
d---------+ 4 cg13442 staff 5 Nov 11 12:42 My Documents
0:user:cg13442:list_directory/read_data/add_file/write_data
/add_subdirectory/append_data/read_xattr/write_xattr/execute
/delete_child/read_attributes/write_attributes/delete/read_acl
/write_acl/write_owner/synchronize:allow
1:group:2147483648:list_directory/read_data/add_file/write_data
/add_subdirectory/append_data/read_xattr/write_xattr/execute
/delete_child/read_attributes/write_attributes/delete/read_acl
/write_acl/write_owner/synchronize:allow
v-ss7410b-gmp03#
This in turn prevents me from listing the file over NFS:
: v4v-machine-a11-gmp03.eu TS 51 $; ls -l
ls: can't read ACL on ./My Documents: Not owner
ls: can't read ACL on ./xp.txt: Not owner
total 12
d--------- 0 root root 5 Jan 1 1970
---------- 0 root root 0 Jan 1 1970
-rw-r----- 1 cg13442 staff 5 Nov 10 16:25 nfs
----------+ 1 cg13442 staff 6 Nov 10 17:49 smb.txt
-rw-r----- 1 cg13442 root 13 Nov 10 16:50 zfs.txt
: v4v-machine-a11-gmp03.eu TS 52 $; ls
My Documents nfs smb.txt xp.txt zfs.txt
: v4v-machine-a11-gmp03.eu TS 53 $;
That part I can't explain.
_______________________________________________
cifs-discuss mailing list
cifs-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/cifs-discuss
