Re: [osol-discuss] [storage-discuss] Anyone using zfs and CIFS yet?

Mon, 18 Feb 2008 12:04:52 -0800 

Afshin,

Sorry I been on vacation a few days....
Below I hope you have the info you need. I'm very interested to see what I been missing. 

TIA,
Jerry

#ls -l
----------+  1 backlin  staff       1109 Jan 31 11:09 nsswitch.conf
drwxrwxrwx+  2 backlin  staff          3 Jan  1 11:09 Solaris 10
----------+  1 backlin  staff    3937402880 Jan 29 18:06 solarisdvd.iso
drwxrwxrwx+  4 backlin  staff          5 Dec 15 18:37 StarOffice
# ls -vd
drwxrwxrwx+ 11 backlin  staff         15 Feb 13 08:04 .
    0:user:backlin::deny
    1:user:backlin:list_directory/read_data/add_file/write_data
        /add_subdirectory/append_data/read_xattr/write_xattr/execute
        /delete_child/read_attributes/write_attributes/delete/read_acl
        /write_acl/write_owner/synchronize:allow
    2:group:2147483648::deny
    3:group:2147483648:list_directory/read_data/add_file/write_data
        /add_subdirectory/append_data/read_xattr/write_xattr/execute
        /delete_child/read_attributes/write_attributes/delete/read_acl
        /write_acl/write_owner/synchronize:allow
    4:owner@::deny
    5:owner@:list_directory/read_data/add_file/write_data/add_subdirectory
        /append_data/write_xattr/execute/write_attributes/write_acl
        /write_owner:allow
    6:group@::deny
    7:group@:list_directory/read_data/add_file/write_data/add_subdirectory
        /append_data/execute:allow
    8:everyone@:write_xattr/write_attributes/write_acl/write_owner:deny
    9:everyone@:list_directory/read_data/add_file/write_data
        /add_subdirectory/append_data/read_xattr/execute/read_attributes
        /read_acl/synchronize:allow
#

# ls -v
----------+  1 backlin  staff       1109 Jan 31 11:09 nsswitch.conf
    0:user:backlin:read_data/write_data/append_data/read_xattr/write_xattr
        /execute/delete_child/read_attributes/write_attributes/delete
        /read_acl/write_acl/write_owner/synchronize:allow
    1:group:2147483648:read_data/write_data/append_data/read_xattr
        /write_xattr/execute/delete_child/read_attributes/write_attributes
        /delete/read_acl/write_acl/write_owner/synchronize:allow
drwxrwxrwx+  2 backlin  staff          3 Jan  1 11:09 Solaris 10
    0:user:backlin::deny
    1:user:backlin:list_directory/read_data/add_file/write_data
        /add_subdirectory/append_data/read_xattr/write_xattr/execute
        /delete_child/read_attributes/write_attributes/delete/read_acl
        /write_acl/write_owner/synchronize:allow
    2:group:2147483648::deny
    3:group:2147483648:list_directory/read_data/add_file/write_data
        /add_subdirectory/append_data/read_xattr/write_xattr/execute
        /delete_child/read_attributes/write_attributes/delete/read_acl
        /write_acl/write_owner/synchronize:allow
    4:owner@::deny
    5:owner@:list_directory/read_data/add_file/write_data/add_subdirectory
        /append_data/write_xattr/execute/write_attributes/write_acl
        /write_owner:allow
    6:group@::deny
    7:group@:list_directory/read_data/add_file/write_data/add_subdirectory
        /append_data/execute:allow
    8:everyone@:write_xattr/write_attributes/write_acl/write_owner:deny
    9:everyone@:list_directory/read_data/add_file/write_data
        /add_subdirectory/append_data/read_xattr/execute/read_attributes
        /read_acl/synchronize:allow
----------+  1 backlin  staff    3937402880 Jan 29 18:06 solarisdvd.iso
    0:user:backlin:read_data/write_data/append_data/read_xattr/write_xattr
        /execute/delete_child/read_attributes/write_attributes/delete
        /read_acl/write_acl/write_owner/synchronize:allow
    1:group:2147483648:read_data/write_data/append_data/read_xattr
        /write_xattr/execute/delete_child/read_attributes/write_attributes
        /delete/read_acl/write_acl/write_owner/synchronize:allow
drwxrwxrwx+  4 backlin  staff          5 Dec 15 18:37 StarOffice
    0:user:backlin::deny
    1:user:backlin:list_directory/read_data/add_file/write_data
        /add_subdirectory/append_data/read_xattr/write_xattr/execute
        /delete_child/read_attributes/write_attributes/delete/read_acl
        /write_acl/write_owner/synchronize:allow
    2:group:2147483648::deny
    3:group:2147483648:list_directory/read_data/add_file/write_data
        /add_subdirectory/append_data/read_xattr/write_xattr/execute
        /delete_child/read_attributes/write_attributes/delete/read_acl
        /write_acl/write_owner/synchronize:allow
    4:owner@::deny
    5:owner@:list_directory/read_data/add_file/write_data/add_subdirectory
        /append_data/write_xattr/execute/write_attributes/write_acl
        /write_owner:allow
    6:group@::deny
    7:group@:list_directory/read_data/add_file/write_data/add_subdirectory
        /append_data/execute:allow
    8:everyone@:write_xattr/write_attributes/write_acl/write_owner:deny
    9:everyone@:list_directory/read_data/add_file/write_data
        /add_subdirectory/append_data/read_xattr/execute/read_attributes
        /read_acl/synchronize:allow
#

Afshin Salek wrote:

Hi Jerry,

If I have the actual ACL on the parent directory and the file
created from Windows, I can better answer your questions. You
can view the directory's ACL with "ls -vd" and file's ACL with
"ls -v"

As a general note, Windows inheritance rules are different from
ZFS and/or POSIX rules. When you create a file from Windows you
get the Windows rules not the latter (and it's not optional :) )

Thanks,
Afshin

Janice Chang wrote:
Hi Jerry. Thank you for the information. I'm cc'ing [EMAIL PROTECTED], where most of the CIFS folk hang out. 

Janice

Jerry Backlin wrote:

Janice,
Below you have 2 files where the first one is written from a windows system. It seems to pick up the right owner but the file protection is set up to disallow users on the solaris system to access the file. This means that if I want to access the file when logged in on Solaris I need to change the protection. The parent directory have the protection set up to allow everybody full access and I work in workgroup mode. 

----------+  1 backlin  staff       1109    Jan 31 11:09 nsswitch.conf
drwxrwxrwx+  2 backlin  staff          3    Jan  1 11:09 Solaris 10
I assume there must be a way to set up zfs to allow files to be accessed by the same user on the solaris system and also manage who has access to a file created from a networked windows system.
In addition I can't create folders from a windows system, I get access denied. Is there something I have missed when setting up the system? 

TIA,
Jerry




Janice Chang wrote:

Hi Jerry. Thank you for your inquiry.
Would appreciate some examples showing the permissions set from Windows and what is seen vs. what is expected on the Solaris server. 

Thanks!
Janice

Jerry Backlin wrote:
I'm using sharesmb (b82) in my home office server with XP & W2K clients. Upgrades have caused some hickups and the smbpasswd file had been reset for me but that is addressed now. I can not get my hands around how file protection should be set up. currently a file written into the zfs share does not inherit the protection parent filesystem, from solaris you have no access. 
I assume this has not been addressed yet

Jerry
This message posted from opensolaris.org 
_______________________________________________
opensolaris-discuss mailing list
opensolaris-discuss@opensolaris.org

_______________________________________________
opensolaris-discuss mailing list
opensolaris-discuss@opensolaris.org

_______________________________________________
storage-discuss mailing list
[EMAIL PROTECTED]
http://mail.opensolaris.org/mailman/listinfo/storage-discuss




begin:vcard
fn:Jerry Backlin
n:Backlin;Jerry
org:Sun Microsystems
email;internet:[EMAIL PROTECTED]
title:CNE Storage Marketing Mgr
tel;work:+33 4 9377 6888
tel;cell:+33 6 8035 9394
version:2.1
end:vcard


_______________________________________________
opensolaris-discuss mailing list
opensolaris-discuss@opensolaris.org

Reply via email to