On Wed, Sep 12, 2012 at 5:29 AM, Gabriele Bulfon <[email protected]> wrote: > Hi, > when sharing a zfs filesystem inside a domain, I usually chmod 777 the base > filesystem, > then the Windows Administsrator can start creating folders and giving > permissions. > Maybe there is somtehing wrong with the way I do it, but the strange thing is > that the base share > results available to Everyone, they can create folder, files, and these get > only the permissions of this > user and just System. So, not even the Administrator can delete this files. > If I remember well, there is no way to change the permission of the base > share (the zfs filesystem) > by the Administrator, but only subfolders inside it. > When sharing a zfs filesystem via CIFS, I'd like this base share to have just > permission for the > Administrator, so that he can only create folders / files there, and then > give permissions to others. > What's wrong? > Gabriele.
Probably what's wrong is that "chmod 777" does not enable inheritance. Instead, I'd recommend: chmod A=everyone@:rwxpdDaARWcCos:fd:allow /pool/fs-name which enables the file+directory inheritane bits. After you do that, connect with Windows and set the security the way you really want it to be. Also remember to set zfs aclmode and aclinherit to passthrough if you want ACL changes from unix to make sense to cifs clients. -- Gordon Ross <[email protected]> Nexenta Systems, Inc. www.nexenta.com Enterprise class storage for everyone _______________________________________________ OpenIndiana-discuss mailing list [email protected] http://openindiana.org/mailman/listinfo/openindiana-discuss
