Hi,
Set the zfs properties aclmode *and* aclinherit properties to
passthrough for the dataset you're writing to.
This works for me having both Windows clients using cifs, and Linux
clients using nfs.
Regards,
Siggi
On 06/01/2011 08:51 AM, lance wilson wrote:
The problem is that nfs clients that connect to my solaris 11 express server
are not inheriting the acl's that are set for the share. They create files that
don't have any acl assigned to them, just the normal unix file permissions. Can
someone please provide some additional things to test so that I can get this
sorted out.
This is the output of a normal ls -al
drwxrwxrwx+ 5 root root 11 2011-05-31 11:14 acltest
Looking at the acl's that are assigned to the share with ls -vd
drwxrwxrwx+ 5 root root 11 May 31 11:14 /smallstore/acltest
0:user:root:list_directory/read_data/add_file/write_data
/add_subdirectory/append_data/read_xattr/write_xattr/execute
/delete_child/read_attributes/write_attributes/delete/read_acl
/write_acl/write_owner/synchronize:file_inherit/dir_inherit:allow
1:everyone@:list_directory/read_data/add_file/write_data
/add_subdirectory/append_data/read_xattr/write_xattr/execute
/delete_child/read_attributes/write_attributes/delete/read_acl
/synchronize:file_inherit/dir_inherit:allow
The compact version is ls -Vd
drwxrwxrwx+ 5 root root 11 May 31 11:14 /smallstore/acltest
user:root:rwxpdDaARWcCos:fd-----:allow
everyone@:rwxpdDaARWc--s:fd-----:allow
The parent share has the following permissions
drwxr-xr-x+ 5 root root 5 May 30 22:26 /smallstore/
user:root:rwxpdDaARWcCos:fd-----:allow
everyone@:r-x---a-R-c---:fd-----:allow
owner@:rwxpdDaARWcCos:fd-----:allow
This is the acl for the files created by a ubuntu client. There is no acl
inheritance occurring.
-rw-r--r-- 1 1000 1000 0 May 31 22:20 /smallstore/acltest/ubuntu_file
owner@:rw-p--aARWcCos:-------:allow
group@:r-----a-R-c--s:-------:allow
everyone@:r-----a-R-c--s:-------:allow
This is the acl for files created by a user from a windows client. There is
full acl inheritance.
-rwxrwxrwx+ 1 ljw staff 0 May 31 22:22 /smallstore/acltest/windows_file
user:root:rwxpdDaARWcCos:------I:allow
everyone@:rwxpdDaARWc--s:------I:allow
The acl inheritance is on at both the share and directory levels so it should
be passing them to files that are created.
smallstore aclinherit restricted default
smallstore/acltest aclinherit passthrough local
Again any help would be most appreciated.
_______________________________________________
zfs-discuss mailing list
zfs-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
