> From: Michael Rasmussen > Sent: Thursday, December 04, 2014 11:11 AM > > Yes, because you want to avoid Omnios presents ACL which is incompatible > with Linux ACL.
I don't believe the ACL has anything to do with NFSv4 id mapping? And a ZFS ACL presented over NFSv4 is perfectly compatible with Linux. It's not a Linux POSIX ACL, and cannot be manipulated with getfacl/setfacl, you need to use the nfs4 ACL tools, but it works fine. > http://forum.proxmox.com/threads/15793-CT-creation-on-NFS- > Share?p=81530#post81530 In that thread, the user fails to chmod via NFS: chmod: changing permissions of `/mnt/pve/proxCT/private/108.tmp': Operation not permitted The root cause of which was a setting of restricted for aclmode: vdev1/proxCT aclmode restricted local Per the man page "An aclmode property of restricted will cause the chmod(2) operation to return an error when used on any file or directory which has a non-trivial ACL whose entries can not be represented by a mode." The user could have set the inherited ACL on the initial filesystem to a trivial ACL, in which case chmod would've worked fine over NFS. In any case, I don't see anything in that thread that seems relevant to NFSv4 id mapping, which unless I misunderstand is the problem the OP is trying to resolve. On that subject, NFSv4 id mapping seems to be working fine for me between an omnios client and server. On the server, the file system is mounted as: /export/user/henson on export/user/henson read/write/nosetuid/nodevices/nonbmand/exec/xattr/atime/dev=2c5025c And exported as: /export/user/henson - nfs nosuid,sec=krb5i,sec=krb5p with the domain set: $ sharectl get -p nfsmapid_domain nfs nfsmapid_domain=csupomona.edu if I create a file on the server, it has the correct ownership: $ touch test_server $ ls -l test_server -rw-r--r--+ 1 henson csupomona 0 Dec 4 12:50 test_server on the client, the NFS export is mounted as: /mnt on files-www.csupomona.edu:/export/user/henson remote/read/write/setuid/devices/sec=krb5p/xattr/dev=85c0008 on Thu Dec 4 12:50:01 2014 the client has the same domain: $ sharectl get -p nfsmapid_domain nfs nfsmapid_domain=csupomona.edu The file created on the server shows up with the correct ownership: $ ls -l test_server -rw-r--r--+ 1 henson csupomona 0 Dec 4 12:50 test_server A file created on the client has the correct ownership: $ touch test_client $ ls -l test_client -rw-r--r--+ 1 henson csupomona 0 Dec 4 12:52 test_client And viewed back on the server, still correct: $ ls -l test_client -rw-r--r--+ 1 henson csupomona 0 Dec 4 12:52 test_client _______________________________________________ OmniOS-discuss mailing list [email protected] http://lists.omniti.com/mailman/listinfo/omnios-discuss
