I'm trying to use zfs acls in solaris 10. I've looked at past posts
regarding this and some online help, but am stuck. I'm currently using
samba 3.3.9; I've had the same problem with 3.3.7. samba is compiled
and running as an Active Directory member server (compiled with ldap and
kerberos). The zfs disk is local. I'm not using winbind. I compiled
with zfsacl module.
Permissions appear just fine in solaris. Plus I can read/write with
notepad and use other applications such as acrobat. However, Microsoft
Office 2007 won't open or save files. I haven't tried other versions of
Office; they're not handy.
The following is the configuration for the share:
[testzfs]
comment = test
path = /moe2
browseable = true
public = false
writable = true
inherit permissions = yes
acl check permissions = False
vfs objects = zfsacl
inherit acls = yes
nfs4: mode = simple
nfs4: acedup = merge
zfsacl: acesort = dontcare
map archive = no
map hidden = no
map read only = no
map system = no
The zfs permissions I'm testing look like this. This is for the parent
directory; files within have the same permissions (sans the inheritance).
moe-lh /moe2/office/student_workers 546# ls -vd .
drwxrws---+ 2 toml cefac 5 Oct 20 18:36 ./
0:group:cefac:list_directory/read_data/add_file/write_data
/add_subdirectory/append_data/write_xattr/execute/write_attributes
/write_acl/write_owner:file_inherit/dir_inherit/inherit_only:allow
1:group:cefac:list_directory/read_data/add_file/write_data
/add_subdirectory/append_data/write_xattr/execute/write_attributes
/write_acl/write_owner:allow
2:group:ceoffstu:list_directory/read_data/add_file/write_data
/add_subdirectory/append_data/write_xattr/execute/write_attributes
/write_acl/write_owner:file_inherit/dir_inherit/inherit_only:allow
3:group:ceoffstu:list_directory/read_data/add_file/write_data
/add_subdirectory/append_data/write_xattr/execute/write_attributes
/write_acl/write_owner:allow
4:group:ceoffstu:list_directory/read_data/add_file/write_data
/add_subdirectory/append_data/write_xattr/execute/write_attributes
/write_acl/write_owner:allow
5:owner@::deny
6:owner@:list_directory/read_data/add_file/write_data/add_subdirectory
/append_data/write_xattr/execute/write_attributes/write_acl
/write_owner:allow
7:group@::deny
8:group@:list_directory/read_data/add_file/write_data/add_subdirectory
/append_data/execute:allow
9:everyone@:list_directory/read_data/add_file/write_data
/add_subdirectory/append_data/write_xattr/execute/write_attributes
/write_acl/write_owner:deny
10:everyone@:read_xattr/read_attributes/read_acl/synchronize:allow
thank you
Tom Lieuallen
Oregon State University
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
