gpfs:acl_nfsv4
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
gpfs:acl_nfsv4 [2021/04/27 13:11] manu |
gpfs:acl_nfsv4 [2021/12/31 18:48] (current) manu |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== ACL and shares NFS and SMB ====== | ====== ACL and shares NFS and SMB ====== | ||
| + | |||
| + | https://qastack.fr/server/514118/mapping-uid-and-gid-of-local-user-to-the-mounted-nfs-share | ||
| + | |||
| + | https://www.kernel.org/doc/html/latest/admin-guide/nfs/nfs-idmapper.html | ||
| + | |||
| + | ===== ACL commands ===== | ||
| + | |||
| + | List ACL on a file | ||
| + | <cli prompt='#'> | ||
| + | # mmgetacl project2.history | ||
| + | </cli> | ||
| + | <code> | ||
| + | #owner:guest | ||
| + | #group:usr | ||
| + | user::rwxc | ||
| + | group::rwx- #effective:rw-- | ||
| + | other::--x- | ||
| + | mask::rw-c | ||
| + | user:alpha:rwxc #effective:rw-c | ||
| + | group:audit:rwx- #effective:rw-- | ||
| + | group:system:-w-- | ||
| + | </code> | ||
| The concept of a default ACL does not exist for NFS V4 ACLs. Instead, there is a single ACL and the individual ACL entries can be flagged as being inherited (either by files, directories, both, or neither). Therefore, specifying the -d flag on the mmputacl command for an NFS V4 ACL is an error. | The concept of a default ACL does not exist for NFS V4 ACLs. Instead, there is a single ACL and the individual ACL entries can be flagged as being inherited (either by files, directories, both, or neither). Therefore, specifying the -d flag on the mmputacl command for an NFS V4 ACL is an error. | ||
| Line 27: | Line 49: | ||
| In the long term, it is a good idea to change the ACLs for all files and directories that are missing the SYNCHRONIZE bit instead of modifying the SMB configuration. | In the long term, it is a good idea to change the ACLs for all files and directories that are missing the SYNCHRONIZE bit instead of modifying the SMB configuration. | ||
| + | ===== ACL on Linux ===== | ||
| + | |||
| + | You have to install the package | ||
| + | nfs4-acl-tools | ||
| + | | ||
| + | === ACE Permissions === | ||
| + | |||
| + | The 'rxtncy' are the permissions the ACE is allowing. Permissions can be used in combonation with each other. A list of permissions and what they do can be found below: | ||
| + | |||
| + | ^ Permission ^ Function ^ | ||
| + | | r | read-data (files) / list-directory (directories)| | ||
| + | | w | write-data (files) / create-file (directories)| | ||
| + | | a | append-data (files) / create-subdirectory (directories)| | ||
| + | | x | execute (files) / change-directory (directories)| | ||
| + | | d | delete the file/directory| | ||
| + | | D | delete-child : remove a file or subdirectory from the given directory (directories only)| | ||
| + | | t | read the attributes of the file/directory| | ||
| + | | T | write the attribute of the file/directory| | ||
| + | | n | read the named attributes of the file/directory| | ||
| + | | N | write the named attributes of the file/directory| | ||
| + | | c | read the file/directory ACL| | ||
| + | | C | write the file/directory ACL| | ||
| + | | o | change ownership of the file/directory| | ||
| + | |||
| + | |||
| + | |||
| + | Note: Aliases such as 'R', 'W', and 'X' can be used as permissions. These work simlarly to POSIX Read/Write/Execute. More detail can be found below. | ||
| + | ^Alias ^ Name ^ Expansion^ | ||
| + | |R | Read | rntcy| | ||
| + | |W | Write | watTNcCy (with D added to directory ACE's| | ||
| + | |X | Execute | xtcy| | ||
gpfs/acl_nfsv4.1619521894.txt.gz ยท Last modified: 2021/04/27 13:11 by manu
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: GNU Free Documentation License 1.3
