Samba4 on OpenBSD: a report (tags: waf, s3fs, ntvfs)
Stefan Metzmacher
metze at samba.org
Wed Sep 2 06:32:00 UTC 2015
Hi Jérémie,
>> I have no idea yet about how broken is an AD DC setup on OpenBSD.
>>
>> Hence my naive question about the future of ntvfs, and if the latter is
>> doomed to be removed, the possibility of amending s3fs so that
>> *filesystem-level* ACLs aren't required. Of course someone would then
>> have to do that work... *
>>
>>> This won't stop it being used as a great file server, however.
>>
>> :)
>>
>> Cheers,
>>
>> * hmm, I've just discovered vfs_acl_tdb(8). Relevant?
>
> Bingo ! That's the module you need. However it's mainly
> used in our test harness - we don't currently recommend
> production use of this.
I think for the sysvol share you better use
vfs_xattr_tdb to just simulate xattr support.
We have the following logic in source3/param/loadparm.c
if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
const char **vfs_objects = lp_vfs_objects(-1);
if (!vfs_objects || !vfs_objects[0]) {
if (lp_parm_const_string(-1, "xattr_tdb",
"file", NULL)) {
lp_do_parameter(-1, "vfs objects",
"dfs_samba4 acl_xattr xattr_tdb");
} else if (lp_parm_const_string(-1, "posix",
"eadb", NULL)) {
lp_do_parameter(-1, "vfs objects",
"dfs_samba4 acl_xattr posix_eadb");
} else {
lp_do_parameter(-1, "vfs objects",
"dfs_samba4 acl_xattr");
}
}
lp_do_parameter(-1, "map hidden", "no");
lp_do_parameter(-1, "map system", "no");
lp_do_parameter(-1, "map readonly", "no");
lp_do_parameter(-1, "map archive", "no");
lp_do_parameter(-1, "store dos attributes", "yes");
}
So having "xattr_tdb:file = /path/to/samba/xattr.tdb" should be everything
required.
metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20150902/487c25aa/signature.sig>
More information about the samba-technical
mailing list