[Samba] Switching between
Steve Tice
stic6021 at gmail.com
Fri Jan 11 12:07:26 MST 2013
My organization is in the position of having to support full
Windows ACLs on CIFS shares. We've been successfully utilizing
Samba 3.5.10-125 and vfs_acl_tdb to accomplish that. However,
the size of the resulting
/var/lib/samba/state/file_ntacls.tdb[.unique-extension] file(s)
has introduced some new problems for me to solve.
In our environment, it seems on average each stored ACL causes
file_ntacls.tdb to grow by almost 1000 bytes. That's what I've
observed with my customers - YMMV. We have to support millions
of files per server, and we've seen TDB files larger than 2 GB.
Is there any server change I can make to reduce the storage
demands of the acl_tdb module?
Separately, we're considering switching from the acl_tdb module
to the acl_xattr module. Do you know of any way to migrate or
transfer the NTFS ACL data for each file from the TDB to an
extended attribute? I'm trying to find a server-side solution
to the migration problem. A client-side solution might be to
rewrite each file (and resend the ACL data) after switching the
Samba server configuration, but that puts a lot on the customers.
More information about the samba
mailing list