[Samba] FreeBSD-11 and Samba-4.6 as a DC

David STIEVENARD stievenard.david at gmail.com
Fri Jul 14 09:31:46 UTC 2017


Hi

On 07/12/2017 02:45 PM, Rowland Penny via samba wrote:
> On Wed, 12 Jul 2017 13:36:01 +1000
> Dewayne Geraghty <dewayne.geraghty at heuristicsystems.com.au> wrote:
>
>> Rowland, Are you saying that Samba46 won't provision on a file system
>> that has NFSv4 ACL enabled, rather than POSIX.1e (or no additional
>> ACL's, the usual default settings which allow only
>> owner:group:other) ? I would've thought that Samba would more closely
>> emulate Windows with the richer ACLs from NFSv4...
> At present, a Samba AD DC must be provisioned on a filesystem that
> supports the type of ACLs that ext4 supports, this unfortunately
> doesn't include NFSv4 ACLs.
>
>> James - I have FreeBSD11.1Prelease with AD provisioned. (no NFSv4).
>> And contrary to Ref [1] below, Extended ACL's are enabled by default.
> If Freebsd has modified Samba so that it will provision and run on
> NFSv4 ACLs, then I would suggest they prepare patches and submit them
> to the samba-technical mailing list. This is always provided they are
> not just using the deprecated ntvfs server.
>
>> Its seems that Samba *must* run a separate member server (or
>> standalone) for both samba4 and nfsv4 to co-exist (and use nfsv4
>> ACLs)?
> Yes, running Samba as a Unix domain member will work, but it is
> possible you will not be able to set ACLs from windows.
>
>> Previously it has been very unclear (ref 3-Volker's comment) whether
>> to use POSIX or nfsv4 ACL's.  Though the wiki is clearer now.  And
>> for the reference, FreeBSD's getfacl and setfacl operate on POSIX and
>> NFSv4 ACLs
>>
> At the moment, Samba, on a DC, has no concept of NFSv4 ACLs, so you
> need to use a filesystem such as ext4. I have tried UFS and ZFS on
> Freebsd and cannot get either to work with a Samba AD DC.
I was about to write about my success running samba 4.3.x on 
freebsd....and I found this thread...this breaks my heart ;-)

this incompatibility with freeBSD appeared since 4.6 ?
what is the feature that caused this change ?
>
> Rowland
>
Thanks
DS




More information about the samba mailing list