[Samba] viewing, if not editing, NFSv4 ACL's from Samba shares
Volker Lendecke
Volker.Lendecke at SerNet.DE
Tue Apr 20 15:31:47 MDT 2010
On Tue, Apr 20, 2010 at 05:20:47PM -0400, Nico Kadel-Garcia wrote:
> Nope. I really, really wish it did. The relevant clients are Windows
> XP, if that has any role. And I've confirmed that the files and
> directories generated do follow the NFSv4 ACL policies.
And they don't allow to modify them? That's strange.
> As a relatively ignorant user, I wonder if mapping for display might
> be considered too awkward. NFSv4 ACL's are storead as
> 'username at domain', rather than as 'username', and Windows doesn't seem
> to have the same concept of ordering of ACL's as NFSv4 has, so it
> could be pretty tricky.
ACL ordering is one of the nastiest pieces of NFSv4/Windows
ACL interop. But you can't do much about that.
> > What platform is your Samba server running on? Is this
> > Solaris?
>
> RHEL 5. It's why I've been writing lately about the tI've been
> avoiding Solaris as file servers since I wrote one of the first Samba
> ports for SunOS 4.1.2, way back in the 1990's.
I thought it was Solaris because you've got the zfsacl
module activated.
I was told today that the Linux NFSv4 client file system
passes the ACLs as xattrs to user space. So it should "just"
be a matter of writing a VFS module to get what you want.
Probably very few days of coding. If just had time...
Volker
More information about the samba
mailing list