ZFS preserve ACL's from opensolaris with zfs send/receive

[Boeri]

I'm currently running a couple of NEXENTA/opensolaris servers but would like to migrate to freebsd.

Now that the following patch http://people.freebsd.org/~pjd/patches/zfs_sid.h.patch is commited to the freebsd source we can do a zfs send/receive without a panic.

On the freebsd box I can see all the files after the replication. I used the -R switch with the zfs send command to preserve all properties, snapshots, ...

The biggest problem is that all users and groups are mapped to nobody.

[root@FREEBSD /testpool/users]# getfacl testg/
# file: testg/
# owner: root
# group: wheel
       user:nobody:rwxpDdaARWcCos:------:allow
       user:nobody:rwxpDdaARWcCos:fdi---:allow
      group:nobody:rwxpDdaARWcCos:------:allow
      group:nobody:rwxpDdaARWcCos:fdi---:allow
      group:nobody:rwxpDdaARWcCos:fd----:allow
      group:nobody:rwxpDdaARWcCos:fd----:allow

The nexenta box is using ephemeral mappings for active directory users. So I suppose the SID is stored into the ACL's and not the dynamic created uid and gid.
Is there any solution for this? Is there a way to check what is stored in the NFSv4 acls?
Is getfacl returning nobody because it couldn't map the SID or ...

I hope there is a way that freebsd can read the stored SID and map them to new ephemeral uid/gid-s with samba/winbind.

 

[Sebulon]

Now that the following patch http://people.freebsd.org/~pjd/patches/zfs_sid.h.patch is commited to the freebsd source we can do a zfs send/receive without a panic.

Hey that sounds awesome, but just out of curiosity, how do you know that?

/Sebulon

 

[Boeri]

The patch is commited to http://sources.freebsd.org/HEAD/src/sys/cddl/compat/opensolaris/sys/sid.h since January 2012
http://svnweb.freebsd.org/base?view=revision&revision=230454
I compiled this today and is working fine.

 

[Sebulon]

Super!

I've been waiting for that one for quite a while now. Never got a straight answer from back when it was made.

/Sebulon