[Samba] Switching between
stic6021 at gmail.com
Fri Jan 11 12:07:26 MST 2013
My organization is in the position of having to support full
Windows ACLs on CIFS shares. We've been successfully utilizing
Samba 3.5.10-125 and vfs_acl_tdb to accomplish that. However,
the size of the resulting
has introduced some new problems for me to solve.
In our environment, it seems on average each stored ACL causes
file_ntacls.tdb to grow by almost 1000 bytes. That's what I've
observed with my customers - YMMV. We have to support millions
of files per server, and we've seen TDB files larger than 2 GB.
Is there any server change I can make to reduce the storage
demands of the acl_tdb module?
Separately, we're considering switching from the acl_tdb module
to the acl_xattr module. Do you know of any way to migrate or
transfer the NTFS ACL data for each file from the TDB to an
extended attribute? I'm trying to find a server-side solution
to the migration problem. A client-side solution might be to
rewrite each file (and resend the ACL data) after switching the
Samba server configuration, but that puts a lot on the customers.
More information about the samba