[Samba] File permissions getting destroyed with M$ software on ZFS
gaiseric.vandal at gmail.com
Mon Oct 4 07:02:24 MDT 2010
I had a lot of problems with this as well. I found it hard to find
much documentation on the zfs module in samba from either samba or sun.
(PS- A big thumbs down to Sun and the OpenSolaris crowd for apparently
I am running Samba 3.0.x from Sun on two servers and samba 3.4.x
compiled from source on the third. I eventually opened a support case
with Sun which did help (somewhat.)
Did you check the permissions of the parent directory? There may be an
inheritance issue. Usually the following worked for me:
chmod -R A- thedirectory
chmod -R A=owner@:rwxpdDaARWcCos:allow ?thedirectory
chmod -R A+group@:rwxpdDaARWcCos:allow ?thedirectory
My share defintions looks like the following (the nfs4 and zfsacl
options were recommended by sun tech support.)
vfs objects = zfsacl
inherit permissions = Yes
inherit acls = Yes
nfs4:acedup = merge
nfs4:chown = yes
nfs4: mode = special
mapread only = no
ea support = yes
store dos attributes = yes
create mask = 0770
force create mode = 0600
directory mask = 0775
force directory mode = 0600
zfsacl: acesort = dontcare
PS. Are your samba shares on top of autofs shares? If so, you may
also need to do the following.
# chmod A+user:nobody:aRc:allow thedirectory
So far it seems to work OK.
On 10/04/2010 06:06 AM, RegioGis wrote:
> I see you use samba with zfs. But how on earth do you prevent the 'deny'
> aces from being the first in the ACL, and thus denying all access to the
> resource ?
> I'm able to add permissions via the MS UI ( I added an AD group
> 'regio-users' )
> When I then create a file or folder via Samba, I get this on the Solaris box
> root # ll -V db1.mdb
> -rw-rw----+ 1 ackerra gis 98304 Oct 4 11:49 db1.mdb
> Thus denying all access to 'regio-users' ....
> How do you solve this ? ( I defined the share exactly as you specified )
More information about the samba