Comments for mattwilson.org

Comment on Solaris CIFS Server and ZFS ACLs: The Problem by wujek

wujek — Wed, 28 Dec 2011 14:32:29 +0000

Thank you.

Comment on Solaris CIFS Server and ZFS ACLs: The Problem by Hayes Whitt

Hayes Whitt — Fri, 15 Apr 2011 23:07:57 +0000

I got the answer you are looking for on my Solaris 11 guide. Check out under “Permissions and ACL”.

Comment on Using OpenDS for DB2 Authentication by Everything has an end… « Ludovic Poitou's Blog

Everything has an end… « Ludovic Poitou's Blog — Tue, 07 Sep 2010 14:54:25 +0000

[...] An article posted a few months ago by Matt Wilson on Using OpenDS for DB2 authentication. [...]

Comment on Solaris CIFS Server and ZFS ACLs: The Problem by Benjamin

Benjamin — Tue, 08 Jun 2010 12:08:49 +0000

@mwilson That did it! Thanks a bunch!

Comment on Solaris CIFS Server and ZFS ACLs: The Problem by mwilson

mwilson — Mon, 07 Jun 2010 16:44:41 +0000

@Benjamin – the command you list works fine for me on Solaris 10u8. On OpenSolaris I think there’s a possibility that the GNU chmod command is higher on your path than the Solaris chmod command. What does ‘which chmod’ tell you? Try your command again, but specify a full path for chmod — /usr/bin/chmod should work.

Comment on Solaris CIFS Server and ZFS ACLs: The Problem by Benjamin

Benjamin — Mon, 07 Jun 2010 14:24:42 +0000

I can’t get Bryan’s chmod command to work. I’m on OpenSolaris JeOS svn_134 and issuing:

chmod -R A=owner@:rwxpdDaARWcCos:df:allow,everyone@:xrcarR:df:allow /export/home/cfissahre/osol

results in the following error:

chmod: invalid mode: ‘A=owner@:rwxpdDaARWcCos:df:allow,everyone@:xrcarR:df:allow’

What am I missing?
Thanks

Comment on Solaris CIFS Server and ZFS ACLs: The Problem by Noname

Noname — Mon, 31 May 2010 15:56:03 +0000

Indeed. Thanks, Bryan.

Comment on Solaris CIFS Server and ZFS ACLs: The Problem by Bryan

Bryan — Fri, 17 Jul 2009 20:28:42 +0000

Sorry for the additional comment – but the comment box stripped off the last bit of the chmod command. You obviously need to add the directory name to the end of the command – the directory you want to apply the ACL to.

Hope this helps anybody out there that is looking for this information.

Comment on Solaris CIFS Server and ZFS ACLs: The Problem by Bryan

Bryan — Fri, 17 Jul 2009 20:26:01 +0000

OpenSolaris and CIFS share ACLs are bit hard to deal with initially. The problem starts with the fact that ZFS shares do not come with inheritable ACL permissions out of the box – and both Windows and OS X (I’m dealing with Leopard) clients only pay attention to the ACLs and ignore umask and other UNIX based permissions.

To fix this issue, you simply need to create a standard set of ACLs with inheritance marked on the directory you are sharing, something like this (careful this will replace all existing ACLs):

chmod -R A=owner@:rwxpdDaARWcCos:df:allow,everyone@:xrcarR:df:allow

This gives a new file with permissions like this:
user:full control
everyone: read_only (it includes reading of child objects and attrs, etc).

The moral of the story is to define a default set of ACLs when you create a new ZFS/CIFS share.
(Most of this was derived from the post by Afshin: http://opensolaris.org/jive/thread.jspa?messageID=278848 — Mentioned by Kopsis in another comment).

Comment on Zero character password? by Peter

Peter — Thu, 18 Jun 2009 21:36:06 +0000

It’s just you. A 0 character password is a workflow enhancer. One less click!