How to set ACL permissions so nullfs mountpoints will traverse properly?

[Stilez]

I have a setup where a file share is exposed to Windows with samba, and at some level contains a nullfs mountpoint, a bit like this:

• dataset #1 is mounted at: /mnt/pool1 and contains subdir1
• dataset #2 is mounted at: /mnt/pool2
• mount_nullfs /mnt/pool2 /mnt/pool1/subdir1

This works fine, and as far as the end user is concerned, pool2 is a subdir of pool1. Since symlinks aren't being used, wide symlinks aren't made into an issue (the file system presents it all as within the one shared root dir).

However there's a problem. While a user can browse in Windows through the share hierarchy correctly, "find file" (as root, or from the Windows end) doesn't seem to work properly.

A similar issue is described on stackexchange here, and the answer was that when traversing a dir that's a nullfs mountpoint, the relevant permission is that set on the mountpoint directory (pool1/subdir1), not the permissions set on the root of the mounted file system (pool2). It says the solution is to unmount, chmod 755 the mountpoint, and remount.

However chmod doesn't actually work on CIFS mountpoints if the file system uses ACLs, as Cyberjock explained here. So how do I fix it?

 

[anodos]

I'd just do two shares. It'll be more stable and you'll be working with the OS instead of trying to fight it.

 

[Stilez]

I probably could, but I want to avoid a proliferation of shares, if possible. nullfs looks like it should handle that, and it's designed to handle it, just need to know how to set up permissions on an ACL-governed share, to allow traversal to have no issues, when chmod isn't available. It would be nice to have it that way going forward if possible.