[Samba] Samba and NFSv4 ACLs
Andrea Venturoli
ml at netfence.it
Sat Jul 13 07:39:36 UTC 2024
On 7/12/24 23:01, miguel medalha via samba wrote:
> Hello
Hello.
> With the introduction of NFS4 (and later on NFSv4.1) a new ACL system
> was introduced and standardized
Unfortunately "standardized" doesn't mean "accepted and implemented by all".
Linux didn't.
> I thought that it would be a good
> opportunity to switch from "acl_xattr" to "nfs4acl_xattr" in order to "
> manage the ACLs on the OS of the Samba host directly"
Notice you don't necessarily need nfs4acl_xattr in order for OS ACLs to
apply.
> This would greatly improve server management, mainly because it would be
> much easier to create or modify ACLs through Bash scripting.
>
> - Does anyone here have experience in such a scenario?
Yes and no.
I'm using OS ACLs on a QNAP NAS: it doesn't use any specific VFS module.
And I manage them through Salt (so it will work with bash scripting also).
> - What would the drawbacks, if any, be?
I don't think it maps 100% to Windows ACL.
Make sure users are not able to change their permissions through Windows
folder properties.
> - Does anyone here have some experience with the use of NFSv4 on ZFS
> filesystems?
Yes, but on FreeBSD, which, in contrast to Linux, implements NFSv4 ACLs.
bye
av.
More information about the samba
mailing list