I know this is a very special theme for debian/ubuntu. And I like to do my part
;)
So I spent a few afternoon's to verify again what I used to know. But you can
use the following informations/scripts to test it by yourself very quickly.
So I went and compiled a custom kernel (using the standard ubuntu 2.6.22
sources) with
cat /boot/config-2.6.22.7-nfs-with-acl | grep ACL
CONFIG_EXT3_FS_POSIX_ACL=y
CONFIG_NFS_V3_ACL=y
CONFIG_NFSD_V2_ACL=y
CONFIG_NFSD_V3_ACL=y
CONFIG_NFS_ACL_SUPPORT=m
I restarted the system.
Configuration:
1. The EXT3 directory is mounted with "defaults,acl,user_xattr"
2. The NFS directory "/home/exchange" is exported with (rw,no_subtree_check).
3. The NFS dir is mounted with "-t nfs -o rw,defaults,acl".
4. Same for SAMBA (hope this is correct, cause I don't use Samba in this
context).
5. Create a user and group "exchange" and add yourself to the group.
[exchange]
path = /home/exchange
writable = yes
create mask = 0660
directory mask = 0770
profile acls = yes
inherit acls = yes
available = yes
browsable = yes
public = yes
CHMOD, CHOWN, ACL settings
See attached change_rights.sh. Copy the script into "/home/."
1. The directories get an "exchange" group, that every user is part of.
2. The directories have "g+s", so subdirs inherit the ability for members of
"exchange" group to join.
3. Only the following ACL for directories is set, so new files will be created
"g+rw":
setfacl -d -m mask: -d -m mask:006
TESTS:
mount -t nfs -o acl,defaults,rw localhost:/home/exchange /home/a_user/exchange
OR (!) mount -t cifs -o user=a_user,password=a_password //localhost/exchange
/home/a_user/exchange
cd /home
sh change_rights.sh && getfacl exchange && ls -l exchange/
touch exchange/testfile1 && ls -l exchange/
mkdir exchange/testdir1 && ls -l exchange/
This will provilde you with the necessary informations.
NFS Result:
1. The ACL's that were set with setfacl on a NON-NFS (!) mounted directory are
shown correctly with "getfacl" in the shell and with e.g. "eiciel" in nautilus.
2. One cannot set ACLs with "setfacl" on a NFS mounted directory.
3. a) For both in shell and e.g. nautilus it is not possible to touch a file or
make a directory.
b) This is the case for root and the any user who should be able to do the
job of a)
CIFS Result:
1. No ACLs seen at all. Not in shell nor in e.g. nautilus.
2. File creation: known bug - file groups get's extra execution bit.
3. Directory creation: OK
I blind tested the same on a updated SuSE 10.3 which works like
expected.
Conclusion:
A I expected ACLs via NFS/SMB/CIFS are not usable for now.
And as mentioned in [3] above from a canonical emloyee there seems to be more
issues than just comiling a new kernel.
Probably one has to test again the basic debian packages in testing/unstable.
I blind tested on a updated SuSE 10.3 in a virtual machine Works without
problems.
We use SuSE 10.1 (ext3) at work without problems.
To come to an end: I am shure this will find a way into ubuntu some
times - I hope soon ;)
** Attachment added: "Script to assign ACLs for a directory"
http://launchpadlibrarian.net/10774977/change_rights.sh
--
Kernel ACL support for NFS/CIFS in 8.04?
https://bugs.launchpad.net/bugs/173267
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
