On 05/20/14 21:44, Dave Close wrote:
I've seen several suggestions to export CIFS shares to Linux rather than
NFS shares to Windows. My experience makes that undesireable but maybe
I've been missing something for several years.
Linux can certainly mount a CIFS share and deal with it just fine. But
every instance I've seen munges file permissions in the process. Every
CIFS file seems to have execute permission turned on, for example. File
ownership is based on who did the mount, not any attribute of the file.
To me, this makes using CIFS for anything other than access to Windows
files unacceptable. I sure don't want my home directory on CIFS.
Is there a way around these problems that I've missed?
CIFS associates a user with a connection. Not like NFS that associates a
user with an IO request.
NFS trusts the client to do the authentication, at least V3, I have not
looked into V4.
CIFS does a single user authentication when it receives a TCP
connection, then associates that user with all IO done via that connection.
So, not only does the security model at the filesystem level not match
between the platforms, but the user model does not either. (One user
per client for Windows and multi-user client for *nix.)
Remember what Citrix had to do it Windows NT to allow it to be
concurrent multi-user. They had to basically make it like the current
Linux Containers. All namespaces had to be sharded per connected user.
--
Mr. Flibble
King of the Potato People
http://www.linkedin.com/in/RobertLanning
_______________________________________________
Tech mailing list
Tech@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/
