What ACL options woudl be best for s3fs?
jra at samba.org
Mon Mar 12 17:54:55 MDT 2012
On Tue, Mar 13, 2012 at 10:50:06AM +1100, Andrew Bartlett wrote:
> I'm not particularly failure with all the various ACL options available
> in smbd, so I figured it was better to ask rather than guess:
> What options should we use for ACLs on a AD DC, where we must have
> perfect AD ACL semantics?
You need either acl_xattr or acl_tdb, depending on whether
you need to store into a system xattr or a tdb.
> Is there any known issues with these modules and the Samba4 ACL setting,
> particularly as done in provision? (I recall something about different
> xattr names, so wanted to check).
Does provision write ACLs into the filesystem ? If it does
can you point me at that code ?
> What options are available for hosts that do not support extended
> attributes? Samba4 sets an option to store everything into a TDB in
> this case, and this is used a lot in make test. What option should I
> set for smbd, other than:
If there are no xattrs you can either use acl_tdb
directly, or stack vfs_acl_xattr on top of xattr_tdb.
> vfs objects = $vfs_modulesdir_abs/xattr_tdb.so
> Eventually I want to make these hard-coded defaults, so I would like to
> get them right.
Hope this helps !
More information about the samba-technical