Hi! Many thanks for help. Regarding to how many ACLs can be stored in acl_tdb and acl_xattr, I can save on XFS only 22 entries plus CREATOR GROUP, CREATOR OWNER and EVERYONE. Seems it is about 25 entries for one directory/file. Is it correct or I missed something?
Cheers! /Adrian Berlin Dnia 16 listopada 2011 0:08 Jonathan Buzzard <jonat...@buzzard.me.uk> napisaĆ(a): > Jeremy Allison wrote: > > On Mon, Nov 14, 2011 at 02:12:35PM +0100, adrian.berlin wrote: > >> Hi! > >> Does anyone know how to move/migrate ACLs from file_ntacls.tdb to another > >> machine? > >> I tried manually copy file_ntacls.tdb and restart samba but it doesn't > >> work. > >> Also I tried to dump and restore tdb file using tdbdump and tdbrestore > >> without success. > > > > That's not going to work as the ACL data is indexed by dev/ino pairs > > in the tdb, and on the new machine they will be different. > > > > You'll need to use a backup tool that copies the ACLs as you > > copy the data. > > Once you are into using ACL' best method to transfer the files from one > server to another is to take a Windows machine map the drive on both > servers and use robocopy or similar tool that will preserve permissions > while doing a file synchronization. > > Robocopy from Vista or Win7 is better as you can use > > ROBOCOPY <source> <target> /MIR /SEC /SECFIX > > The last option fixes the security on existing files in the target, and > appeared in Vista. > > I would note that files_ntacls.tdb is not really suitable for a > production file server, unless you are going to back it up from a client > machine that is. The reason being a restore is going to leave you > without your ACL's and no way to ever recover it because the inodes of > the files will almost certainly be different. Much more sensible to > store it in xattr's if you ask me, at least that way you have a fighting > chance of getting the ACL's back. You can also fiddle with the files > server side without messing up your file_ntacls.tdb database. > > Better yet use a file system that does NFSv4 ACL's and a suitable VFS > module :-) > > > JAB. > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba