[Samba] 2 questions: Linux filesystems that truly compare to NTFS / winbind causes Linux to lockup when connectivity to AD is lost

Clayton Hill admin at ateamonsite.com
Mon Oct 19 13:28:41 MDT 2009 

I read this article:

http://www.tuxera.com/community/ntfs-3g-advanced/extended-attributes/

It clearly tells that NTFS ACLs are not really respected. How would they 
do that anyways? by using winbind/samba? That was a wee bit of sarcasm 
there..
My aim is to have a AD joined NAS with samba and IDMAPS in the backend 
working to translate and use NTFS security on a Linux based FS in a way 
that is transparent to Windows MCSE type sys admins using robocopy or 
any other utility that preserves NTFS ACLs for samba to evaluate when a 
share is accessed. ;-)

In NTFS 3G  - POSIX ACLs are dominant to the point that AD ACLs are 
mangled.. or omitted or worse. Doesn't please windows admins much to 
lose ACLs and have mangled ACEs when porting their ACLed data to a *nix 
filesystem..  simply tacking on "everyone" permissions and overriding 
NTFS security standards so you can RW a NTFS filesytem is fine for a 
dual booting hobbyist home user, or computer lab at a school wanting to 
access their windows stuff on their other drive while they play with 
Linux, but is not acceptable as a business solution in a business class 
AD windows environment where NTFS FS permission is king.


I think Jeremy's answer was correct - there is not a solution to this 
problem short of changing POSIX permissions to behave like NTFS, ( 
rewriting an OS LOL ) making NTFS and SIDS native to Linux, ( double LOL 
) or IMPROVING XFS to support bigger space in FS for EAs and have the 
ability to assign near unlimited ( NOT 25 ) ACLs better, and to separate 
the space the ACLs and EAs reside in inside the filesystem instead of 
having them kludged together as an afterthought.

I am still going to try EXT4 but unfortunately I have another 
unmentioned requirement - MacOS resource forks need to be honored - this 
is done with XFS only AFAIK

Thanks,
-Clayton





Szabolcs Szakacsits wrote:
>  <admin <at> ateamonsite.com> writes:
>
>   
>> First, XFS seems to work well for me until it was discovered it has a
>> limited amount of ACLs that can be set in the file system, (25! ) and
>> extended attribute support is kinda kludged in with the same space the ACLs
>> take up… which can lead to all sorts of issues when dealing with
>> inheritance and the importing of ACLs/EAs etc from files stored on NTFS.
>> Thus I feel that XFS is somewhat poor FS to mimic NTFS.
>> My question:
>> Is there any Linux file system out there that can compare accurately with
>> NTFS? 
>>     
>
> NTFS-3G has unlimited support for them (since version 2009.10.5-RC or
> using the advanced branch):
>
> http://www.tuxera.com/community/ntfs-3g-advanced/extended-attributes/
> http://www.tuxera.com/community/ntfs-3g-advanced/ownership-and-permissions/
>
> However most often we have to limit possibilities to the Windows NTFS 
> level otherwise Windows would BSOD.
>
> Regards,  Szaka
>
>
>

More information about the samba mailing list