Subject: | |
From: | |
Reply To: | |
Date: | Wed, 9 Nov 2016 10:51:41 +1100 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Wow. Thanks everyone for your insights and suggestions.
After more thinking and tests, it could be that RedHat are closing in on a solution with https://access.redhat.com/solutions/447803 (I'm not a subscriber either).
For me the current situation is not ideal but usable.
Adding directories through Nautilus gives the correct permissions inherited down from the top directory, but adding a file adds a gratuitous read on Other.
As the share is restricted to a particular group of users, it is no real issue for me.
Thanks again everyone. I'll await any further developments from RedHat.
Bill
-----Original message-----
> From:Karel Lang AFD <[log in to unmask]>
> Sent: Tuesday 8th November 2016 21:22
> To: Bill Maidment <[log in to unmask]>; [log in to unmask]
> Subject: Re: ACL Problem in SL7.2
>
> Hi Bill,
>
> problem indeed.
> Just suggestion/question - the NFS client running on SL 6.x is
> configured to use also NFSv4 protocol? Eg.
>
> mount -t nfs -o vers=4 server:/data /tmp
>
> btw i think Red Hat been solving something similar here:
>
> 'NFS client using NFSv4 ACLs loses the correct mask of a newly created
> file in subdirectories'
>
> https://access.redhat.com/solutions/447803
>
> unfortunately 'subscriber content' which i'm not, maybe you? :-)
>
>
> On 11/08/2016 06:19 AM, Bill Maidment wrote:
> > Hi again
> > My research has revealed that nfs in SL 7.2 is translating the POSIX ACL to NFSv4 ACL (a completely different format).
> > vi appears to recognise NFSv4 ACL, but Nautilus, ls and probably other programs, only seem to recognise POSIX ACL.
> >
> > So I have the following alternatives:
> > 1. Stop nfs translating to NFSv4 ACL
> > 2. Change the guest mount to translate NFSv4 ACL back to POSIX ACL
> > 3. Change Nautilus, etc to recognise NFSv4 ACL
> > 4. Use Samba instead of nfs
> >
> > I'm not sure if 1. or 2. are possible and 3. may happen one day. Does anyone know of a practical solution/workaround?
> > Cheers
> > Bill
> >
> > -----Original message-----
> >> From:Bill Maidment <[log in to unmask]>
> >> Sent: Sunday 6th November 2016 19:56
> >> To: Karel Lang AFD <[log in to unmask]>; [log in to unmask]
> >> Subject: RE: ACL Problem in SL7.2
> >>
> >> Thanks for the response Karel.
> >> umask is the standard 0022 and this is a top level directory on the host machine.
> >> I am using SL 6.8 to access the directory via nfs share.
> >> It looks like there is no problem if the file is created with vi
> >> But if I use Nautilus then that's when I get the issue.
> >> So Nautilus on SL 6.8 seems to be the culprit (or is it caused by nfs?)
> >> Cheers
> >> Bill
> >>
> >> -----Original message-----
> >>> From:Karel Lang AFD <[log in to unmask]>
> >>> Sent: Sunday 6th November 2016 16:16
> >>> To: Bill Maidment <[log in to unmask]>; [log in to unmask]
> >>> Subject: Re: ACL Problem in SL7.2
> >>>
> >>> Hi Bill
> >>> just pasted your work here to CLI and works OK on SL 6.7 and SL 7.2 here...
> >>> It has to be something else .. umask? or inherited from directory higher up?
> >>> Maybe strace would help to see whats happening exactly?
> >>>
> >>> cheers
> >>>
> >>> On 11/06/2016 03:58 AM, Bill Maidment wrote:
> >>>> Hi
> >>>> I am trying to set up ACL on a directory such that any new file created in the directory has permissions of 0660.
> >>>> However, when I create a new file, the permissions are set as 0664 (see test.txt file below)
> >>>> Is this a bug or am I doing something wrong?
> >>>>
> >>>> These are the commands I used:
> >>>>
> >>>> chmod -R u+rwX,g+rwXs,o-rwx /pictures
> >>>>
> >>>> setfacl -d -m u::rwx,g::rwx,o::--- /pictures
> >>>>
> >>>> getfacl /pictures
> >>>> getfacl: Removing leading '/' from absolute path names
> >>>> # file: pictures
> >>>> # owner: nfs01
> >>>> # group: nfs01
> >>>> # flags: -s-
> >>>> user::rwx
> >>>> group::rwx
> >>>> other::---
> >>>> default:user::rwx
> >>>> default:group::rwx
> >>>> default:other::---
> >>>>
> >>>> ls -latrh /pictures
> >>>> total 4.0K
> >>>> dr-xr-xr-x. 22 root root 4.0K Nov 6 12:41 ..
> >>>> drwxrws---+ 2 nfs01 nfs01 21 Nov 6 13:10 Testing
> >>>> -rw-rw-r-- 1 nfs01 nfs01 0 Nov 6 13:44 test.txt
> >>>> drwxrws---+ 3 nfs01 nfs01 35 Nov 6 13:44 .
> >>>>
> >>>> Cheers
> >>>> Bill Maidment
> >>>>
> >>>
> >>>
> >>
> >>
> >
>
> --
> *Karel Lang*
> *Unix/Linux Administration*
> [log in to unmask] | +420 731 13 40 40
> AUFEER DESIGN, s.r.o. | www.aufeerdesign.cz
>
>
|
|
|