Discussion:
EON: nfs4 acls
Manojav Sridhar
2010-07-19 20:54:02 UTC
Permalink
hi there,

after reading your post i have few questions.

http://eonstorage.blogspot.com/2009/04/understanding-and-managing-nfsv4-acls.html

1. why is this gid used?

eon:/deep/tank#ls -Vd foo
d---------+ 2 admin stor 2 Apr 20 14:12 foo
user:admin:rwxpdDaARWcCos:-------:allow
group:2147483648:rwxpdDaARWcCos:-------:allow

2. can do I have to do this for all folders that i want writeable from both NFS4 and CIFS clients? Or do they inherit themselves for files created in that folder.

3. I have NFS4 working on my linux box, but not able to see the nfs4acls.

***@host:/net/nfs4mount/Documents$ nfs4_getfacl tmc.sh
Failed getxattr operation: Input/output error (http://www.spinics.net/lists/linux-nfs/msg00274.html)
--
This message posted from opensolaris.org
Andre Lue
2010-07-20 01:18:06 UTC
Permalink
Hi Vajonam,

If I remember correctly that is the default group ID assigned via CIFS/idmap

No you do not you can set inheritance from a higher level folder etc

I haven't tested nfsv4 acls with linux. I was actually guided to limit nfs to version 3 when working with linux clients. Mayne posting in the cifs and nfs forum will get someone elses view/solution around this prob
--
This message posted from opensolaris.org
Manojav Sridhar
2010-07-20 02:00:30 UTC
Permalink
dre2ks,

thanks for that.

yeah its only an issue when using cifs and nfs(3 or 4) on the same folder, need hack around with this some more. will post it on the nfs4 forum there seems to be a lot of folks with similar issues.

if use the smb distro of eon will any of this be any easier?
--
This message posted from opensolaris.org
Andre Lue
2010-07-20 02:20:16 UTC
Permalink
Hmmm. Good question. I think you maybe be able find a workaround via samba but I think other hurdles may cancel this. CIFS is just better integrated overall.
--
This message posted from opensolaris.org
Manojav Sridhar
2010-07-20 02:54:26 UTC
Permalink
think i've sorted out the problem.

firstly in need a fix in ubuntu.https://bugs.launchpad.net/ubuntu/+source/linux/+bug/562913
i need that fixed so i can modify the acl's from the nfs4 client.

also

i needed to add the mapid.xml service under the svc/manifest/network/nfs. Mabye if you add

svccfg import -v /svc/manifest/network/nfs/mapid.xml to the faq it might help folks.

I also set the NFSMAPID_DOMAIN=localdomain in /etc/default/nfs

to match what was on my client. again might be worth a mention in the nfs4 faq section.

and then restart nfs services, the nfs4 clients start getting the right guid and uids for the folders which is all that is needed. I can manage the acl's thru eon for now, but will have that fixed to shortly so should be okay.
--
This message posted from opensolaris.org
Andre Lue
2010-07-20 14:22:19 UTC
Permalink
Vajonam,

It would be great if you could write a detailed howto/guide for users looking to achieve the same. I could added it to the user howto section.
--
This message posted from opensolaris.org
Loading...