Hello,
I'm using Samba Version 4.0.15-SerNet-RedHat-7.el6 (AD DC)
and zfs-0.6.2-1.el6.x86_64.
I cannot change permissions on files from either Windows ('Access
Denied')
or the samba-tool on shares from local zfs mounts:
# samba-tool ntacl set 'O:LAG:S-1-22-2-0D:PAI(A;OICI;0x001301bf;;;WD)'
CompanyName/ Company/
fset_nt_acl_no_snum: fset_nt_acl returned NT_STATUS_ACCESS_DENIED.
ERROR(runtime): uncaught exception - (-1073741790, 'Access denied')
File "/usr/lib64/python2.6/site-packages/samba/netcmd/__init__.py",
line
175, in _run
return self.run(*args, **kwargs)
File "/usr/lib64/python2.6/site-packages/samba/netcmd/ntacl.py",
line 90,
in run
setntacl(lp, file, acl, str(domain_sid), xattr_backend, eadb_file,
use_ntvfs=use_ntvfs)
File "/usr/lib64/python2.6/site-packages/samba/ntacls.py", line 154,
in
setntacl
smbd.set_nt_acl(file, security.SECINFO_OWNER | security.SECINFO_GROUP |
security.SECINFO_DACL | security.SECINFO_SACL, sd)
I cannot see where I am going wrong. I have zfs set
aclinheritance=passthrough-x, tried xattr on/off/sa/dir ...
Perhaps this belongs on the zfs list but would appreciate any feedback if
there are folk out there who have encountered this / not encountered this.
Thank you
Should I share me smb.conf? I'll share my smb.conf. It's not
complicated:
# Global parameters
[global]
workgroup = COMPANYNAME
realm = companyname.local
netbios name = PDC
server role = active directory domain controller
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
winbind, ntp_signd, kcc, dnsupdate
allow dns updates = true
dns forwarder = 8.8.8.8
[netlogon]
path = /var/lib/samba/sysvol/company.local/scripts
read only = No
[sysvol]
path = /var/lib/samba/sysvol
read only = No
[Company]
path = /Companyname/Company/ # zfs mount
read only = No
[root]
path = /
read only = No
force user = root
[zfsTest]
path = /Companyname/test # another zfs mount for testing porpoises.
read only = No
On 12 March 2014 02:46, Tom Jermy <tomjermy at gmail.com> wrote:
> Hello,
>
> I'm using Samba Version 4.0.15-SerNet-RedHat-7.el6 (AD DC)
> and zfs-0.6.2-1.el6.x86_64.
>
> I cannot change permissions on files from either Windows ('Access
Denied')
> or the samba-tool on shares from local zfs mounts:
>
> # samba-tool ntacl set
'O:LAG:S-1-22-2-0D:PAI(A;OICI;0x001301bf;;;WD)'
> CompanyName/ Company/
>
> fset_nt_acl_no_snum: fset_nt_acl returned NT_STATUS_ACCESS_DENIED.
> ERROR(runtime): uncaught exception - (-1073741790, 'Access denied')
> File
"/usr/lib64/python2.6/site-packages/samba/netcmd/__init__.py", line
> 175, in _run
> return self.run(*args, **kwargs)
> File
"/usr/lib64/python2.6/site-packages/samba/netcmd/ntacl.py", line
> 90, in run
> setntacl(lp, file, acl, str(domain_sid), xattr_backend, eadb_file,
> use_ntvfs=use_ntvfs)
> File "/usr/lib64/python2.6/site-packages/samba/ntacls.py", line
154, in
> setntacl
> smbd.set_nt_acl(file, security.SECINFO_OWNER | security.SECINFO_GROUP
> | security.SECINFO_DACL | security.SECINFO_SACL, sd)
>
> I cannot see where I am going wrong. I have zfs set
> aclinheritance=passthrough-x, tried xattr on/off/sa/dir ...
>
> Perhaps this belongs on the zfs list but would appreciate any feedback if
> there are folk out there who have encountered this / not encountered this.
>
> Thank you
>
Hi Tom, The current release of zfsonlinux does not support ACLs, I'm guessing this is what you are running into. There is support in trunk however so hope is on the horizon (or right now if you're feeling dangerous and keep good backups). I know there used to be a Samba option to store ACLs in an xattr (which is supported with current ZFS), however I couldn't find the config option in the manual. On Mar 11, 2014 10:47 PM, "Tom Jermy" <tomjermy at gmail.com> wrote:> Hello, > > I'm using Samba Version 4.0.15-SerNet-RedHat-7.el6 (AD DC) > and zfs-0.6.2-1.el6.x86_64. > > I cannot change permissions on files from either Windows ('Access Denied') > or the samba-tool on shares from local zfs mounts: > > # samba-tool ntacl set 'O:LAG:S-1-22-2-0D:PAI(A;OICI;0x001301bf;;;WD)' > CompanyName/ Company/ > > fset_nt_acl_no_snum: fset_nt_acl returned NT_STATUS_ACCESS_DENIED. > ERROR(runtime): uncaught exception - (-1073741790, 'Access denied') > File "/usr/lib64/python2.6/site-packages/samba/netcmd/__init__.py", line > 175, in _run > return self.run(*args, **kwargs) > File "/usr/lib64/python2.6/site-packages/samba/netcmd/ntacl.py", line 90, > in run > setntacl(lp, file, acl, str(domain_sid), xattr_backend, eadb_file, > use_ntvfs=use_ntvfs) > File "/usr/lib64/python2.6/site-packages/samba/ntacls.py", line 154, in > setntacl > smbd.set_nt_acl(file, security.SECINFO_OWNER | security.SECINFO_GROUP | > security.SECINFO_DACL | security.SECINFO_SACL, sd) > > I cannot see where I am going wrong. I have zfs set > aclinheritance=passthrough-x, tried xattr on/off/sa/dir ... > > Perhaps this belongs on the zfs list but would appreciate any feedback if > there are folk out there who have encountered this / not encountered this. > > Thank you > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >