[Samba] Explain to me how this is correct...

Andrew Bartlett abartlet at samba.org
Wed Jun 14 22:40:31 UTC 2017


On Wed, 2017-06-14 at 22:02 +0100, Rowland Penny via samba wrote:
> On Wed, 14 Jun 2017 16:23:03 -0400
> Zaphod Beeblebrox via samba <samba at lists.samba.org> wrote:
> 
> > So... in the provision script, at some point after "self join" is
> > printed, we do:
> > 
> > smbd.set_simple_acl(file.name, 0755, gid)
> > 
> > .... where file.name is "/var/db/samba4/sysvol/tmpwXFu1C" and gid
> > is
> > 0 (at least on FreeBSD).
> > 
> > the "OSError" here is a '-1' ... which is startlingly unhelpful.
> > 
> > ... but the filesystem is zfs and acls of both posix and nfsv4 are
> > working.
> > 
> > ... having googled and tested several dozen ideas over the past day
> > or so, I'm relatively confident that somethings wrong with the
> > test.
> 
> You could always try asking 'Deep Thought' or 'Marvin' ;-)
> 
> But seriously:
> 
> No, the test works on Linux. I tried to get a Samba AD DC provisioned
> on Freebsd and I ran into the problem that you have found, ACLs do
> not
> work against zfs, I also couldn't get it work with ufs either and as
> ntvfs is probably going to be remove at some point (you have to make
> configure build it now, anyway), you may not be able to use Samba as
> an AD DC on Freebsd at present.

There may be some good news in the future, as I've had one of the
developers at iXSystems working with me on a proper fix, specifically
for zfs.  It might take a little while however. 

For now, it isn't a tested, viable option for Samba AD DC on FreeBSD.

Sorry,

Andrew Bartlett

-- 
Andrew Bartlett
https://samba.org/~abartlet/
Authentication Developer, Samba Team         https://samba.org
Samba Development and Support, Catalyst IT   
https://catalyst.net.nz/services/samba







More information about the samba mailing list