Dear all,
I started using ACLs on ZFS in order to use it in Samba 4.13. Created zroot under FreeBSD 12.2 RELEASE and upgraded to 13 RELEASE with OpenZFS. Switched xattrs from "on" to "sa" initially, but back to "on" after I ran into trouble and read about incompatibilities between the different ZFS implementations.
Besides the datasets created by the installer, I have several datasets with different settings (e.g. compression, maybe encryption later) which go under zroot/<name> mounted under /eigene/<name> while /eigene/ is a folder under zroot/ROOT/default. After some confusing problems (ACLs had no effect) I freshly re-created a dataset (zroot/tmp), with xattr=sa, set ACLs from scratch and tried to work with it.
The problem I have is that my ACLs, set e.g. with
Code:
setfacl -a0 user:vmPDC:full_set:fd-----:allow /eigene/tmp
and result in
Code:
root@betzisbox# getfacl /eigene/tmp
# file: /eigene/tmp
# owner: root
# group: wheel
user:vmPDC:rwxpDdaARWcCos:fd-----:allow
owner@:rwxpDdaARWcCos:fd-----:allow
group@:rwxpDdaARWc--s:fd-----:allow
everyone@:rwxpDdaARWc--s:fd-----:allow
do not have any effect - such as:
Code:
sudo -u vmPDC ls /eigene/tmp
ls: /eigene/tmp: Permission denied
This is strange, since as I understood, the everyone@ permission should already have been enough to let user "vmPDC" (such as any other user) access that folder. I tested that as well before the run with the dedicated entry for "vmPDC", which failed with the same error.
A listing of the "classic" permissions shows "+"es, which I think is reserved for POSIX ACLs while I use NFSv4 only.
Code:
ls -l /eigene
drwxr--r--+ 65 root wheel 68 Jun 25 01:22 spiele
drwx------+ 28 root wheel 74 Jun 25 01:21 system
drwxrwxrwx+ 9 root wheel 45 Jun 29 13:38 tmp
So I'm confused now. Is there any way to determine whether ACLs are working correctly?
I also was not able to find a comprehensive guide or similar for that topic: ACLs on ZFS under FreeBSD 13.
Greetings from hell
Betzi
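
One way to check what the listed ACL by itself grants, as an added example that is not part of the original post: a small evaluator for the NFSv4 ACE lines in the getfacl output above, applying the in-order allow/deny evaluation used for NFSv4 ACLs. The function names are hypothetical, group membership is passed in by the caller, and root override, parent directories and mount options are not modelled.

```python
import re

# Constructed sample: the getfacl output quoted in the post above.
SAMPLE = """\
# file: /eigene/tmp
# owner: root
# group: wheel
user:vmPDC:rwxpDdaARWcCos:fd-----:allow
owner@:rwxpDdaARWcCos:fd-----:allow
group@:rwxpDdaARWc--s:fd-----:allow
everyone@:rwxpDdaARWc--s:fd-----:allow
"""

def parse_getfacl(text):
    """Return (owner, group, aces); each ACE is (who, perms, flags, type)."""
    meta, aces = {}, []
    for line in map(str.strip, text.splitlines()):
        m = re.match(r"#\s*(owner|group):\s*(\S+)", line)
        if m:
            meta[m.group(1)] = m.group(2)
        elif line and not line.startswith("#"):
            f = line.split(":")
            aces.append((":".join(f[:-3]), f[-3], f[-2], f[-1]))
    return meta.get("owner"), meta.get("group"), aces

def matches(who, user, groups, owner, group):
    """Does the ACE principal `who` apply to this user and group set?"""
    if who == "everyone@":
        return True
    if who == "owner@":
        return user == owner
    if who == "group@":
        return group in groups
    kind, _, name = who.partition(":")
    return name == user if kind == "user" else name in groups

def acl_grants(text, user, groups, wanted):
    """True if the ACL alone grants every permission letter in `wanted`."""
    owner, group, aces = parse_getfacl(text)
    pending = set(wanted)
    for who, perms, flags, kind in aces:
        # inherit_only ('i') ACEs apply to children, not to this object
        if "i" in flags or not matches(who, user, groups, owner, group):
            continue
        hit = pending & set(perms) - {"-"}
        if hit and kind == "deny":
            return False          # first matching deny wins for that bit
        pending -= hit
        if not pending:
            return True
    return False                  # bits no ACE decided are denied
```

A True result here alongside a "Permission denied" from the system means this directory's ACL is not the entry doing the denying. The evaluator looks at one object only, while the kernel also requires search permission on every parent directory in the path.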