How to removing all ACls system wide

[kam270]

How do I remove all ACLs.

I’ve been told I can use the noacl flag in fstab but when I test this in a VM fstab removes the flag and the ACLs persist.


/dev/ufs/FreeNASs1a / ufs ro 1 1
/dev/ufs/FreeNASs3 /cfg ufs rw,noauto,noacl 2 2
/dev/ufs/FreeNASs4 /data ufs rw,noatime,noacl 2 2
/dev/ada0p1.eli none swap sw 0 0

 

[cyberjock]

Well, considering those two lines are reference to the mounting points for /cfg and /data, you missed out on the biggest of them all... /mnt. /mnt is where your pool is. So I'm *really* not sure what you think you are doing, but I assure you that you aren't doing it.

This is where I'd use the terms my instructors used in school. "You have a GCE."

GCE = Gross Concept Error

Not sure why you are wanting to remove all ACLs, but you will certainly be unhappy with the end result if you did manage to do that....

 

[Knowltey]

It's an issue at layer 8.

 

[kam270]

Well I dont see mount in fstab, do you ?


/dev/ufs/FreeNASs1a / ufs ro 1 1
/dev/ufs/FreeNASs3 /cfg ufs rw,noauto,noacl 2 2
/dev/ufs/FreeNASs4 /data ufs rw,noatime,noacl 2 2
/dev/ada0p1.eli none swap sw 0 0


Setting permissions wtih sefacl is a nightmare. We just want the standard file permissions.

 

[Knowltey]

Again, we shall ask, what the hell are you doing settings acls in /dev?

 

[kam270]

It's an issue at layer 8.

Are there alternatives to Freenas ?

 

[Knowltey]

Are there alternatives to Freenas ?

Yes, but you still haven't explained to us what your are trying to do here, so how can you expect us to answer a question that doesn't exist?

 

[cyberjock]

Setting permissions wtih sefacl is a nightmare. We just want the standard file permissions.

Ok, and I knew this statement was coming. The problem is that Samba doesn't use what you call 'standard file permissions' (the proper term for what you are describing is Unix permissions). Samba uses ACLs. Like it or not if you say "I don't want to use ACLs" then you are also saying "I don't want to use Samba or AFP". Both of those use ACLs. And as far as I know there is no "option" to use Unix permissions with either of those.

As for alternatives, that's up to you to determine. There's nothing uniquely as capable as FreeNAS. Google around and see what's out there that will do what you need it to.

 

[kam270]

Again, we shall ask, what the hell are you doing settings acls in /dev?

Im asking is that the correct place to put the noacl flag ? Seems not !

 

[Knowltey]

Im asking is that the correct place to put the noacl flag ? Seems not !

What are you even attempting to do with the noacl flag, that will completely change the ansswer...

 

[kam270]

What are you even attempting to do with the noacl flag, that will completely change the ansswer...

We want all our directories and folders on our share to be controlled by normal standard file permissions. We don’t want to use setfacl to control user permissions to files.

A user on another forum suggested using the noacl flag in /etc/fstab to quickly and easily remove the ACLs.

But I am not sure where to set the noacl flag. Or do you know of another way to remove ACLs system wide ?

 

[cyberjock]

First, /etc/fstab is NOT the file to edit for what you think you are trying to do.

Second, removing ACLs isn't going to solve your problem. I mean, it will, but it will then create others that are NOT able to be overcome (you know, like inaccessible shares to *everyone*).

So you need to either accept ACLs and set them up properly or consider some other OS. I thought I made this clear above when I linked Samba and ACLs together. They are exclusive of each other.. either you accept both or you reject both. There is no 1/2 way.

 

[kam270]

First, /etc/fstab is NOT the file to edit for what you think you are trying to do.

Second, removing ACLs isn't going to solve your problem. I mean, it will, but it will then create others that are NOT able to be overcome (you know, like inaccessible shares to *everyone*).

So you need to either accept ACLs and set them up properly or consider some other OS. I thought I made this clear above when I linked Samba and ACLs together. They are exclusive of each other.. either you accept both or you reject both. There is no 1/2 way.

Ok please provide me with your best setfacl ? ACL documentation. Cos the stuff i've seen is a mess

 

[Knowltey]

We want all our directories and folders on our share to be controlled by normal standard file permissions. We don’t want to use setfacl to control user permissions to files.

A user on another forum suggested using the noacl flag in /etc/fstab to quickly and easily remove the ACLs.

But I am not sure where to set the noacl flag. Or do you know of another way to remove ACLs system wide ?

Then /dev/ isn't where you need to be, your shares aren't in /dev/ they are in /mnt/

Second, you don't have to use setfacl to set ACLs on a share. Just set the dataset or pool up with Windows ACLs, then you can set them the same way you would on a local Windows box.

And the solution to making stuff accessible to everyone isn't to remove ACLs, the solution is to add an ACL that allows "Everyone" access.

 

[kam270]

Then /dev/ isn't where you need to be, your shares aren't in /dev/ they are in /mnt/

Second, you don't have to use setfacl to set ACLs on a share. Just set the dataset or pool up with Windows ACLs, then you can set them the same way you would on a local Windows box.

And the solution to making stuff accessible to everyone isn't to remove ACLs, the solution is to add an ACL that allows "Everyone" access.

Ok but my fstab doesn’t have a /mnt/


"Just set the dataset or pool up with Windows ACLs" How does one go about setting up this ?

Thanks

 

[Knowltey]

Ok but my fstab doesn’t have a /mnt/

WHAT!?

/mnt/ is like "preschool level" for Unix-like systems. What you are attempting to do is "college level".

You have no business running a BSD based system without knowing what /mnt/ is.

Also a pool is ZFS 101, if you don't know what I'm talking about there you specifically don't have any business running FreeNAS or any other system running a ZFS filesystem for that matter.

A good analogy would be that you're the grandma that doesn't know what "start menu" mean walking into here and asking us how to configure up a domain controller.

 

[kam270]

WHAT!?

/mnt/ is like "preschool level" for Unix-like systems. What you are attempting to do is "college level".

You have no business running a BSD based system without knowing what /mnt/ is.

Also a pool is ZFS 101, if you don't know what I'm talking about there you specifically don't have any business running FreeNAS or any other system running a ZFS filesystem for that matter.

A good analogy would be that you're the grandma that doesn't know what "start menu" mean walking into here and asking us how to configure up a domain controller.

You got it all wrong. I was told to change the noacl flag in fstab. You guys are telling me to set that on /mnt/ . All im saying is /mnt/ isnt listed in fstab.

And yes I know what /mnt is So I can run Freenas lol

 

[kam270]

WHAT!?

/mnt/ is like "preschool level" for Unix-like systems. What you are attempting to do is "college level".

You have no business running a BSD based system without knowing what /mnt/ is.

Also a pool is ZFS 101, if you don't know what I'm talking about there you specifically don't have any business running FreeNAS or any other system running a ZFS filesystem for that matter.

A good analogy would be that you're the grandma that doesn't know what "start menu" mean walking into here and asking us how to configure up a domain controller.

But anyway I will find another solution . Freenas sucks and so does the community forum.

 

[Knowltey]

Ok, either way, you are trying to do something that isn't going to work out like you are expecting it to work out for you, and the problem you describe isn't even a problem in the first place. If you're using CIFS then you're going to need to use ACLs.

 

[Knowltey]

But anyway I will find another solution . Freenas sucks and so does the community forum.

No, the issue you are having is that you are attempting to disable a required part of CIFS. That's has nothing to do with FreeNAS as it just implements CIFS as it needs to be implemented. That's like you trying to drive a car without tires because you don't want to have to deal with rubber and then complaining to Ford that it makes a horrible scraping noise.