Accessing ZFS snapshot directories over SMB
Timur I. Bakeyev
timur at freebsd.org
Fri May 18 06:20:55 UTC 2018
On 17 May 2018 at 12:55, Ralph Böhme <slow at samba.org> wrote:
> Bug https://bugzilla.samba.org/show_bug.cgi?id=13175 has been lingering
> far too
> long with competing patches that try to address the issue.
> I just uploaded a reworked patch that should take into account the private
> FreeBSD is currently shipping, I'm just switchin the default to allows
> access to
> snapshot dirs by default.
> So, final call, please ack or nack *now*. :)
Sorry for taking too long with this patch - by itself it's pretty simple,
hence there are multiple implementations and bike-shedding :)
I got puzzled with the DEFAULT_ACL_POSIX usage in your patch. This name is
confusing for my not very educated sight :) Do I understand correctly that
it just creates NT ACLs based on the mode_t permissions?
In general I want to see seamless integration here with the behavior
introduced in the
https://svnweb.freebsd.org/base?view=revision&revision=329265 as this is
now the standard behavior of ZFS on FreeBSD at least. Which brings the
question - who are currently using vfs_zfsacl besides FreeBSD?
As I understand the generated ACL for .zfs/ directory would match the one
returned for .zfs/ by the OS? I.e. it won't have SEC_DIR_WRITE_ATTRIBUTE |
SEC_DIR_WRITE_EA | SEC_DIR_READ_ATTRIBUTE | SEC_DIR_WRITE_EA flags.
Taking into account the native OS support I don't think that we need to
have 'zfsacl:expose_snapdir' flag at all - in the case Samba will be
running on FreeBSD 11.2 or later this directory will be automagicaly
exposed by OS, so we'd rather mimic OS behavior.
More information about the samba-technical