Firstly, thanks for the mountain of ZFS tips, has helped immensely.

I’m in the process of building a NAS but firstly I’m testing this all out on a VM. I’m using Openindiana as I wanted native ZFS support.

I’ve basically followed your steps above to the letter T however when I try and access the shares from either Mac OS X or Win7 by smb://media@storage/media or \\storage\media and typing in the username/password I can’t access the share.

When I look at /var/adm/messages I get the following:
Oct 29 19:31:37 storage smbsrv: [ID 138215 kern.notice] NOTICE: smbd[STORAGE\guest]: media access denied: guest disabled

Why is it trying to access the share as guest even though I’m logging in with media?

Cheers.

Cheers,
Simon

cheers

Another slight possibility is that there’s a problem of zfs version for the old file system, but that sounds less likely than what I mentioned above.

ZFS has pool versions and file system versions.
See here for version information:
http://docs.sun.com/app/docs/doc/819-5461/appendixa-1?a=view

Let me know if you discover anything.

Cheers,
Simon

So something is up with my old pool permissions.

james@dusky:/tank# ls -dV pool
drwxrwxrwx+ 5 james james 8 May 2 21:12 pool
owner@:rwxpdDaARWcCos:fd—–:allow
group@:rwxpdDaARWcCos:fd—–:allow
everyone@:rwxpdDaARWcCos:fd—–:allow

I’m going to create a new filesystem and try that out.

Cheers,
Simon

Does this sound like something you have come across before:

When I mount my ZFS shares to my Mac over NFS – I can list and write. When I mount over CIFS – I can write but not list the current files.

thanks

chmod -R A=\
owner@:rwxpdDaARWcCos:fd—–:allow,\
group@:rwxpdDaARWcCos:fd—–:allow,\
everyone@:-wxpdDaARWcCos:fd—–:allow \
/raid5

I allow everyone for all users, if user is in valid group he can list a directory,

I know this is not a best form to resolve this but a windows office 2007 and 2003 is is working fine now.

But a have a issue on file is create from windows XP a initial set of attributes and ACL is set
Ok

id finance
uid=104(finance) gid=101(jamute)
groups finance
jamute publico fdocs financ

-rwxrwx—+ 1 finance jamute 49664 mar 23 2010 Ficha_SPOT_ALLIANZ_troca_loc2.xls
owner@:rwxpdDaARWcCos:——I:allow
group@:rwxpdDaARWcCos:——I:allow
everyone@:rwxpdDaARWcCos:——I:deny

Now a get access from Mac OS X 10.5 open a file on Excel:MAC 2008 modify a file and save in same name. the file continue ok attrib’s and acl

-rwxrwx—+ 1 coordena jamute 49692 mar 23 2010 Ficha_SPOT_ALLIANZ_troca_loc2.xls
owner@:rwxpdDaARWcCos:——I:allow
group@:rwxpdDaARWcCos:——I:allow
everyone@:rwxpdDaARWcCos:——I:deny

try access again via Windows XP and modify a file again and save. but now a attributes are vanished and acl continue Ok.

———-+ 1 finance jamute 49975 mar 23 2010 Ficha_SPOT_ALLIANZ_troca_loc2.xls
owner@:rwxpdDaARWcCos:——I:allow
group@:rwxpdDaARWcCos:——I:allow
everyone@:rwxpdDaARWcCos:——I:deny

I can’t access a file from MAC.

always access via CIFS.

a zfs set is same on this manual

===================================================================
raid5 aclmode passthrough local
raid5 aclinherit passthrough local

===================================================================
raid5/Financeiro aclmode passthrough inherited from raid5
raid5/Financeiro aclinherit passthrough inherited from raid5
raid5/Financeiro casesensitivity mixed -
raid5/Financeiro sharesmb name=Financeiro local

Cheers,
Simon

I was just going over this post again, as I am currently changing my file system structure. What strikes me is that only in one place you create the file system with “casesensitivity=mixed”. Is there any particular reason for that?

FYI: It seems that with snv_131 the “set sharesmb=name=xxxxx” is broken.

Cheers,
Christoph

When you boot your client OS, such as Windows, Mac OS or Linux etc, you need to connect to the shared media file systems using the ‘media’ user.

Cheers,
Simon

Thanks for this great guide for a linux starter like me! I still have one problem: i created a user – like Fred. But everything Fred creates in the media-filesystem is not visible for other users (like wilma), because the files are owned by Fred and the group is also Fred (instead of the media group). How can i change this, so that everything Fred does in the media-filesystem is created with group media ?

Many thanks,
Bart

fascinating ACL writeup, it looks daunting. In my shop they did it bass-ackwards and windows is the (normal) SMB server and NFS server. My sun boxes are the dummy nfs clients. I’m thinking of reversing the roles and making opensolaris the cifs/smb server, and nixing the nfs.

But what I wanted to comment on, was “setting ‘copies’ attribute to 2″ ZFS. Dude – zfs snapshot trump copies=x. zfs clones trump snapshots. zfs SEND to another opensolaris server or offsite trumps clones.

ps – your captachas are too hard!

Thanks for the info. If you mount the shares for (1) tank/home/fred/projects, (2) tank/home/fred/photo & (3) tank/home/fred/video as three separate shares on the client OS then it works fine, at least it works fine for me.

Simon

Sorry about that I did a hack job of copy and pasting. It turns out that what I’m describing is a known limitation in ZFS.

If I create a series of file systems like your fred example and navigate to the parent fred file system over the share (/tank/home/fred) I can only have read/write access to that file system. I will still see the mounted child file systems (e.g. /tank/home/fred/projects) as folders but if I try to read/write to them I will get an access denied message.

Anyway this bug report filed explains it much better than I can.

http://bugs.opensolaris.org/view_bug.do?bug_id=6820940

I updated your original comment with your corrections.

A couple of points:

1. I presume you are using SMB/CIFS protocol from your client computer to connect to your shares, and not the actual Samba software which is a free software re-implementation of SMB/CIFS networking protocol?

2. Also, it appears that the ‘zfs set sharesmb=name=fyleow’ within the two blocks above are identical. I presume this is a typo and you have, in fact, used different names for your shares — e.g.:
zfs set sharesmb=name=fyleow tank/home/fyleow
zfs set sharesmb=name=fyleow_music tank/home/fyleow/music

I set up something in a VM using your guide but I’m having trouble with samba. I use OS X 10.5 to access the shares I have set up which are tank/home/fyleow and tank/home/fyleow/music. I use finder to mount tank/home/fyleow and I can see the music directory, but I cannot read or write to it. In order to read and write to music I have to mount tank/home/fyleow/music separately. Any idea what might be the issue here? I don’t want to have to mount each file system under /tank/home/fyleow individually.

I created the following file systems:

zfs create tank/home
zfs create tank/home/fyleow
zfs create tank/home/fyleow/music

Then I applied the following

zfs set aclinherit=passthrough tank/home/fyleow
zfs set aclmode=passthrough tank/home/fyleow
chmod A=owner@:rwxpdDaARWcCos:fd—–:allow,group@:rwxpdDaARWcCos:fd—–:allow,everyone@:rwxpdDaARWcCos:fd—–:deny /tank/home/fyleow/
chown fyleow:fyleow /tank/home/fyleow
zfs set sharesmb=name=fyleow tank/home/fyleow

zfs set aclinherit=passthrough tank/home/fyleow/music
zfs set aclmode=passthrough tank/home/fyleow/music
chmod A=owner@:rwxpdDaARWcCos:fd—–:allow,group@:rwxpdDaARWcCos:fd—–:allow,everyone@:rwxpdDaARWcCos:fd—–:deny /tank/home/fyleow/music
chown fyleow:fyleow /tank/home/fyleow/music
zfs set sharesmb=name=fyleow tank/home/fyleow/music

Cheers,
Simon

# zfs set copies=2 tank/home/fred/photo
# zfs set copies=2 tank/home/fred/video
# zfs set copies=2 tank/home/fred/projects

Early in the post you seem to emphasize the relevance of the media filesystems as being replacable and the home filesystems as being irreplacable, but I don’t see any different in their creation except for access controls.

Can you expand on how else they are treated differently, or at least tell me what I’m missing?

Thanks