ZFS, Samba and ACL

jyavenard · #1 February 6th, 2011, 10:22

Hi there.

Opening a new thread as all are marked as solved ; but trying what was mentioned there didn't help me one bit

I have a FreeBSD 8.1 machine , running samba 3.5.6 ; a zpool of 14 with zfs filesytem 4.

Trying to export a zfs file system via samba, and set the ACLs using Windows.

Code:

server4# zfs list -o aclmode,aclinherit,mountpoint pool/data/shares/elec
    ACLMODE     ACLINHERIT  MOUNTPOINT
passthrough    passthrough  /pool/data/shares/elec

Here is my smb.conf

Code:

[global]

# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH
   workgroup = MEL
   netbios name = SERVER4
   realm = MEL.DOMAIN.COM

   server string = File Server
    security = ADS
    client use spnego = yes
    allow trusted domains = No
    map to guest = Bad User
    password server = 192.168.0.3
    client NTLMv2 auth = Yes
    map untrusted to domain = Yes
    log file = /var/log/samba/log.%m
    max log size = 50000
    unix extensions = No
    client signing = Yes
    load printers = No
    printcap name = /etc/printcap
    disable spoolss = Yes
    os level = 10
    local master = No
    domain master = No
    dns proxy = No
    hosts allow = 192.168.0., 192.168.1., 127.
    map acl inherit = Yes
    case sensitive = No

    winbind refresh tickets = Yes
    winbind offline logon = Yes
    winbind enum users = Yes
    winbind enum groups = Yes
    winbind use default domain = Yes
    winbind nested groups = No
    
    passdb backend = tdbsam
    idmap backend = ad
    idmap uid = 1000 - 200000
    idmap gid = 1000 - 200000
    winbind nss info = rfc2307

    template homedir = /export/home/%U

    #For mac client
    follow symlinks = yes
    wide links = yes
    unix extensions = no

    admin users = root, jean-yves.avenard

[elec]
    comment = "Electronic Team Share Drive"
    path = /pool/data/shares/elec
    browseable = Yes
    read only = No
    inherit permissions = Yes
    inherit acls = Yes
    inherit owner = Yes
    map archive = No
    map readonly = no
    vfs objects = zfsacl
    nfs4:mode = special
    nfs4:acedup = merge
    nfs4:chown = yes

Samba was compiled from ports using ACL support ; libsunacl is properly compiled too.

Code:

[root@server4 /usr/ports/net/samba35]# ldd /usr/local/sbin/smbd  | grep sunacl
	libsunacl.so.1 => /usr/local/lib/libsunacl.so.1 (0x801fb4000)

Now the weird thing is that I can edit the permission in windows. I get a warning window about the permission not being ordered properly.

The strangest thing however is that when I modify the permissions and add a windows group ; the second I press Apply : it disappear from the list. One second it's there, I validate : bang it's gone.

If I modify any of the unix permission showing in the windows permission editor, I see that it gets properly updated with getfacl.

Am I missing anything ?
Thanks in advance for your help

Kind regards
Jean-Yves

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
[Solved] Samba with NFSv4/ZFS ACL Support	jlohiser	Web & Network Services	29	June 10th, 2011 14:09
Question about ACL under ZFS	BarbeRousse	General	2	January 25th, 2011 12:38
[Solved] NFS vs Samba on ZFS?	wonslung	Web & Network Services	4	November 22nd, 2010 12:08
samba + freebsd + zfs	cerulean	Web & Network Services	1	July 9th, 2010 08:04
8.0 and samba performance on ZFS	wonslung	Web & Network Services	11	March 22nd, 2010 19:01