ZFS snapshots readable over samba - Permission

Bodo Kaiser kyogron at googlemail.com
Mon Oct 3 15:47:40 MDT 2011 

Sry for giving such a bad issue discriptions, I tried some things out
and I think I should formulate the question new.
I have different user-dirs in "/usr/home". I also have daily ZFS
snapshots in "/usr/home/.zfs/snapshot". Now I want to have access to the
snapshots over samba but only with user authentification and then only
read access to the user belonging files in the snapshot.

So the user should log in with the username and the password and have
access to his files. If he now missis a file which is in the snapshot he
should easily go to the snap dir (maybe over a softlink) change to his
user-dir in the snapshot and get his missing file(s). When he does this
he shouldn't get access to the files of the other users.

Hope I explained it this time better :S

Regards,
Bodo Kaiser

Am Montag, den 03.10.2011, 13:12 -0500 schrieb Christopher R. Hertel:

> Ira Cooper wrote:
> > On Mon, Oct 3, 2011 at 1:48 PM, Jeremy Allison <jra at samba.org> wrote:
> > 
> >> On Sat, Oct 01, 2011 at 10:14:56AM +0200, Bodo Kaiser wrote:
> >>> Hi,
> >>>
> >>> I am using the latest FreeBSD Release and I have a ZFS datastorage.
> >>>
> >>> Now I had the idea to share the daily snapshots via softlink over samba,
> >> so
> >>> if there is a problem with an file I easily can skip back to a snapshot
> >> and
> >>> restore this file.
> >>>
> >>>
> >>>
> >>> And here is the issue: The ZFS snapshot dir "/usr/home/.zfs/snapshot/" is
> >>> owned by root:wheel even I have access over terminal to the snaps with a
> >>> normal user account. I can't access over syslinks with samba or similar.
> >> My
> >>> question is now, how I solve this issue and how I make the snaps best
> >>> reachable for each user in there home-dir.
> >> Is this by design in ZFS ? That would seem strange, as it would prevent
> >> any ordinary users from getting to their snapshots.
> >>
> >> Can you point me to some documentation explaining how this is supposed
> >> to work ?
> >>
> > 
> > 
> > On NexentaCore (and I'd assume Solaris, though I do not have a box on hand
> > to test):
> > 
> > I can browse via explorer into .zfs/snapshot/snapname and it works.  We also
> > point a symlink at .zfs/snapshot and I can traverse that and it works also.
> > 
> > I can't speak to the FreeBSD implementation of this, clearly.  But it
> > shouldn't be a generic ZFS issue.
> 
> If there's anyone interested in testing against Nexenta, they have a
> Community Edition that can be run in a VM:  http://www.nexentastor.org/
> 
> Chris -)-----
>

More information about the samba-technical mailing list