Re: [OpenIndiana-discuss] setting up nfs4 from scratch
Mark writes: [...] >> Oh, and what chmod cmd do you use on any shares to be shared with >> windows platforms? In the past, for cifs, I've used: >> >> chmod -R A=everyone@:full_set:fd:allow >> > > When security isn't an issue, then this will be easier. > Files created from windows will probably end up showing different > ACL's as Windows uses different defaults, and nfs3 and 4 also will > produce different results, since one knows ACL's and one doesn't. > I just run a cron job to bash them back into what I want. I'm sorry to be so thick skulled, but I didn't understand what it is you are doing... do you use a chmod command at all? What is it if you do? Bash them back to what? > I'd go with a simple approach that works for you. What simple approach? ___ OpenIndiana-discuss mailing list OpenIndiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss
Re: [OpenIndiana-discuss] setting up nfs4 from scratch
On 17/11/2011 3:40 a.m., Harry Putnam wrote: Mark writes: [...] Thanks for the very complete instructions. No problem Harry, glad to help. On my linux distro [debian wheezy] I see this in /etc/idmapd.conf # set your own domain here, if id differs from FQDN minus hostname # Domain = localdomain On Centos I set this to the fqdn, but both ends must match. You may also need /etc/hosts entries for the other server. And since `hostname -f (-f means show fqdn) shows my full hostname.local.domain I guess that can stay commented. nfs3 does not require the domain settings. I use both nfs3 and nfs4, but GID/UID issues and ACLS can be tricky, especially if you run cifs on the same file system as I do. So are you saying that even with the settings you posted... you still have trouble with windows boxes over of cifs? Or do you mean your posted settings will avoid that happenstance? The issues are mainly around ACL's, but in my case the files rsync through multiple servers before landing, and most don't support ACL's. I'm trying just to run nfs4 so maybe it will not effect me. nfs4 understands ACL's, but nfs3 doesn't. Oh, and what chmod cmd do you use on any shares to be shared with windows platforms? In the past, for cifs, I've used: chmod -R A=everyone@:full_set:fd:allow When security isn't an issue, then this will be easier. Files created from windows will probably end up showing different ACL's as Windows uses different defaults, and nfs3 and 4 also will produce different results, since one knows ACL's and one doesn't. I just run a cron job to bash them back into what I want. I'd go with a simple approach that works for you. I haven't seen any major performance difference between cifs and nfs. Mark. ___ OpenIndiana-discuss mailing list OpenIndiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss
Re: [OpenIndiana-discuss] setting up nfs4 from scratch
Mark writes: [...] Thanks for the very complete instructions. On my linux distro [debian wheezy] I see this in /etc/idmapd.conf # set your own domain here, if id differs from FQDN minus hostname # Domain = localdomain And since `hostname -f (-f means show fqdn) shows my full hostname.local.domain I guess that can stay commented. > nfs3 does not require the domain settings. > I use both nfs3 and nfs4, but GID/UID issues and ACLS can be tricky, > especially if you run cifs on the same file system as I do. So are you saying that even with the settings you posted... you still have trouble with windows boxes over of cifs? Or do you mean your posted settings will avoid that happenstance? I'm trying just to run nfs4 so maybe it will not effect me. Oh, and what chmod cmd do you use on any shares to be shared with windows platforms? In the past, for cifs, I've used: chmod -R A=everyone@:full_set:fd:allow But on one of the googled pages: (http://www.bfccomputing.com/2011/03/15/creating-a-permission-free-share-with-zfs-acls-and-nfsv4/) I found while working on this showed a really lengthy chmod cmd: (wrapped for mail) /bin/chmod A=everyone@:read_data/list_directory/write_data/add_file/\ append_data/add_subdirectory/read_xattr/write_xattr/execute/delete_child/\ read_attributes/write_attributes/delete/read_acl/write_acl/write_owner/\ synchronize:file_inherit/dir_inherit:allow Is something like that really necessary or does the shorter one cover the same stuff with :full_set:fd:allow? ___ OpenIndiana-discuss mailing list OpenIndiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss
[OpenIndiana-discuss] setting up nfs4 from scratch
NFS 4 setup you need to configure your domain Linux /etc/idmapd.conf [General] Verbosity = 0 Pipefs-Directory = /var/lib/nfs/rpc_pipefs Domain = mydomain.local [Mapping] Nobody-User = nobody Nobody-Group = nobody [Translation] Method = nsswitch - Opensolaris/OI make sure services are running svcadm enable nfs/status svcadm enable nfs/server svcadm enable nfs/nlockmgr svcadm enable nfs/mapid configure Domain sharectl set -p nfsmapid_domain=drg.local nfs The nfs access then needs to be set on the zfs filesystem zfs -o sharenfs=rw=@192.168.1.0/24,root=@192.168.1.0/24, \ anon=0 datapool/mydata mount from linux mount -t nfs4 -o rw 10.1.17.10:/datapool/mydata /mnt/mydata nfs3 does not require the domain settings. I use both nfs3 and nfs4, but GID/UID issues and ACLS can be tricky, especially if you run cifs on the same file system as I do. Mark. ___ OpenIndiana-discuss mailing list OpenIndiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss