SMB shares - different parameters though GUI looks identical?

[Patrick M. Hausen]

Hi all,

I just wanted to help in that thread stating problems with Mac clients after the update to TN 12 when I noticed something really odd:

Code:

root@freenas[~]# testparm -s
Load smb config files from /usr/local/etc/smb4.conf
Loaded services file OK.
Server role: ROLE_STANDALONE

# Global parameters
[global]
    aio max threads = 2
    bind interfaces only = Yes
    disable spoolss = Yes
    dns proxy = No
    enable web service discovery = Yes
    kernel change notify = No
    load printers = No
    logging = file
    map to guest = Bad User
    max log size = 51200
    nsupdate command = /usr/local/bin/samba-nsupdate -g
    registry shares = Yes
    server min protocol = NT1
    server role = standalone server
    server string = FreeNAS Server
    idmap config *: range = 90000001-100000000
    fruit:nfs_aces = No
    idmap config * : backend = tdb
    directory name cache size = 0
    dos filemode = Yes


[Archiv]
    ea support = No
    guest ok = Yes
    mangled names = no
    path = /mnt/hdd/share/archiv
    read only = No
    vfs objects = aio_fbsd catia fruit streams_xattr noacl
    fruit:resource = stream
    fruit:metadata = stream
    fruit:encoding = native
    nfs4:chown = true


[Backup]
    ea support = No
    guest ok = Yes
    mangled names = no
    path = /mnt/hdd/share/backup
    read only = No
    vfs objects = aio_fbsd catia fruit streams_xattr noacl
    fruit:locking = none
    fruit:time machine = yes
    fruit:resource = stream
    fruit:metadata = stream
    fruit:encoding = native
    nfs4:chown = true


[Medien]
    ea support = No
    guest ok = Yes
    level2 oplocks = No
    mangled names = no
    oplocks = No
    path = /mnt/hdd/share/medien
    read only = No
    strict locking = Yes
    vfs objects = aio_fbsd catia fruit streams_xattr noacl
    fruit:resource = stream
    fruit:metadata = stream
    fruit:encoding = native
    nfs4:chown = true

Why does the "Medien" share have oplocks = No and level2 oplocks = No while the "Archiv" share doesn't? Both were created on the UI and the screens look absolutely identical. I cannot notice any difference accessing them.

Thanks,
Patrick

 

[anodos]

Is that path also an NFS share? We take some liberties to try to protect users. Basically, we don't allow client-side caching over SMB if the data is also being accessed via NFS.

 

[Patrick M. Hausen]

Ah ... of course.

I trust all the Macs in the local LAN so it's all guest access, no ACLs and other newfangled nonsense
But I do not quite trust the player application on my Apple TV not to mess with my carefully curated metadata, so that's an NFS read-only export ...

Thanks!

 

[anodos]

Ah ... of course.

I trust all the Macs in the local LAN so it's all guest access, no ACLs and other newfangled nonsense
But I do not quite trust the player application on my Apple TV not to mess with my carefully curated metadata, so that's an NFS read-only export ...

Thanks!

It's a matter of trying to control risks for the majority of end-users. You can override this hand-holding by adding auxiliary parameters that explicitly override the disabled parameters in the share configuration.

 

[Patrick M. Hausen]

No problem - as you can see I prefer things as simple as possible here. The engineer in me just got triggered by this assumed inconsistency.

Thanks again!
Patrick