NFS+Samba share with unix permissions?

[biltong2]

Is there a way to share a directory as NFS (rw) but also as Samba (ro) without losing the ability to set UNIX permissions?

 

[m0nkey_]

Yes. Share via NFS as normal, then create a read-only share for SMB.

 

[biltong2]

It doesn't work:

Code:

$ mkdir nfs-test

$ chmod 700 nfs-test/
chmod: changing permissions of 'nfs-test/': Operation not permitted

$ stat nfs-test/
  File: 'nfs-test/'
  Size: 2	 Blocks: 1  IO Block: 32768  directory
Device: 2fh/47d   Inode: 309387  Links: 2
Access: (0775/drwxrwxr-x)  Uid: ( 1000/  someuser)  Gid: ( 1000/  someuser)
Context: system_u:object_r:nfs_t:s0
Access: 2017-07-04 06:50:00.857756047 +0200
Modify: 2017-07-04 06:50:00.857756047 +0200
Change: 2017-07-04 06:50:00.857756047 +0200
 Birth: -

$ getfacl nfs-test/
# file: nfs-test/
# owner: someuser
# group: someuser
user::rwx
group::rwx
other::r-x

 

[SweetAndLow]

It doesn't work:

Code:

$ mkdir nfs-test

$ chmod 700 nfs-test/
chmod: changing permissions of 'nfs-test/': Operation not permitted

$ stat nfs-test/
  File: 'nfs-test/'
  Size: 2	 Blocks: 1  IO Block: 32768  directory
Device: 2fh/47d   Inode: 309387  Links: 2
Access: (0775/drwxrwxr-x)  Uid: ( 1000/  someuser)  Gid: ( 1000/  someuser)
Context: system_u:object_r:nfs_t:s0
Access: 2017-07-04 06:50:00.857756047 +0200
Modify: 2017-07-04 06:50:00.857756047 +0200
Change: 2017-07-04 06:50:00.857756047 +0200
 Birth: -

$ getfacl nfs-test/
# file: nfs-test/
# owner: someuser
# group: someuser
user::rwx
group::rwx
other::r-x

Don't use a dataset what is setup with Windows permissions. You clearly got permission denied with your chmod command which means Windows.

Sent from my Nexus 5X using Tapatalk

 

[biltong2]

Don't use a dataset what is setup with Windows permissions. You clearly got permission denied with your chmod command which means Windows.

Sent from my Nexus 5X using Tapatalk

I don't use any Windows permissions, the Windows share is read-only. You think this won't work with FreeNAS? or that the order I set it up was wrong?

 

[SweetAndLow]

I don't use any Windows permissions, the Windows share is read-only. You think this won't work with FreeNAS? or that the order I set it up was wrong?

Output of zfs get aclmode? I'm 100% positive you are using Windows permissions on this date.

Sent from my Nexus 5X using Tapatalk

 

[biltong2]

Code:

# zfs get aclmode vol/share
NAME  PROPERTY  VALUE  SOURCE
vol/share  aclmode  restricted  local

 

[m0nkey_]

Code:

# zfs get aclmode vol/share
NAME  PROPERTY  VALUE  SOURCE
vol/share  aclmode  restricted  local

That is a Windows dataset.

If you were using traditional UNIX permissions you would see:

Code:

[root@tardis] ~# zfs get aclmode tank/opt
NAME  PROPERTY  VALUE  SOURCE
tank/opt  aclmode  passthrough  inherited from tank

 

[SweetAndLow]

So delete the dataset and create a new one with Unix permissions or you can remove the acl and set the aclmode property to passthrough, I would have to look up the commands for this.

You then create your NFS export and smb share. When creating the share don't set permissions of any kind.

Sent from my Nexus 5X using Tapatalk