[Samba] Multiprotocol File Sharing via NFSv4 and Samba
pen at lysator.liu.se
Fri Jul 3 11:20:10 UTC 2020
Yes, Samba on FreeBSD with ZFS is a good choice when it comes to ACL support. As is any of the Solaris-derivates like OmniOS+ZFS.
Windows ACLs map really well to NFSv4 ACLs via Samba (with a few smaller issues like Windows wanting ACLs to be sorted).
NFSv4 ACLs also work well on FreeBSD & Solaris/OmniOS. (OmniOS also has a built-in SMB server but it doesn’t support the latest SMB protocol versions so isn’t really useful in my view).
Linux as a server OS might get there eventually - Ubuntu now has ZFS, albeit the full ACL support is… “lacking” (read: not usable - it’s enforced by the filesystem, you just can't see or modify the ACLs from Linux). I think someone is working on it though (the plan was to implement an API compatible with the way Linux accesses NFSv4 ACLs from a client).
Where Linux is better is oplock support (and better inotify support - there is an emulation in FreeBSD but it’s not as efficient if you have directories with huge number of files). And that it supports NFSv4.2 (FreeBSD currently is at v4.1 but 4.2 is coming) and OmniOS is at v4.0).
I’m currently managing around 16 FreeBSD (and a couple older Solaris10 & OmniOS) based ZFS-based file servers providing SMBv3 (via Samba) and NFSv4 file (and SFTP) services for our university users, home directories, group shared folders etc.
We choose FreeBSD as our file server OS after evaluating the alternatives and it seemed to be the “best” compromise at the time (3 years ago) (and still is I think). (Our evaluation requirements: ZFS, NFSv4, SMBv3, Kerberos/AD, ACLs for clients (Windows, MacOS & Linux), being able to handle ~ 5000 clients).
> On 2 Jul 2020, at 22:54, Andrew Walker via samba <samba at lists.samba.org> wrote:
> FreeNAS / FreeBSD have native NFSv4 ACLs. They do however lack kernel
> oplock support so there are perhaps some caveats in that regard.
> On Thu, Jul 2, 2020 at 3:07 PM Strahil Nikolov via samba <
> samba at lists.samba.org> wrote:
>> Hi Kraus,
>> I know that Gluster can be exported over NFS-Ganesha (supports v4.X),
>> Samba (protocol 1.0 in order to get 'real' permissions), Apple's stuff
>> and if you rebuild the source - you can use the built-in gNFS (supports NFS
>> v3 over tcp) all at once.
>> Yet, I'm not sure about the ACLs, so you should either test it
>> yourself or ask on the gluster mailing list.
>> Deployment is quite easy for a distributed filesystem, so you can test
>> it even on a single VM.
>> Best Regards,
>> Strahil Nikolov
>> На 2 юли 2020 г. 21:04:12 GMT+03:00, "Kraus, Sebastian via samba" <
>> samba at lists.samba.org> написа:
>>> Hi all,
>>> are there any non-commercial solutions (apart from solutions like Dell
>>> EMC, IBM and NetApp) around that allow to simultaneously access the
>>> same file system via NFSv4 and Samba exports in a (nearly)
>>> non-conflicting manner, especially w.r.t. to NFSv4/Windows ACL
>>> Sebastian Kraus
>>> Team IT am Institut für Chemie
>>> Gebäude C, Straße des 17. Juni 115, Raum C7
>>> Technische Universität Berlin
>>> Fakultät II
>>> Institut für Chemie
>>> Sekretariat C3
>>> Straße des 17. Juni 135
>>> 10623 Berlin
>>> Email: sebastian.kraus at tu-berlin.de
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba