Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: ACL (POSIX and NFSv4) Support over NFS shared drives on different Unix platforms
Top Forums UNIX for Dummies Questions & Answers ACL (POSIX and NFSv4) Support over NFS shared drives on different Unix platforms Post 302707943 by jim mcnamara on Sunday 30th of September 2012 01:32:10 PM
Old 09-30-2012
Last question: I know that it will work for Solaris 10/11 NFS4, per documentation. I have not tried, so I cannot comment how well it behaves.

There are problems with ACL's across platforms:
the uid has to match numerically
the gid has to match numerically
the NSF mount has to support the ACL operations, e.g., if the ACL grants write, but the remote file system is read-only then the ACL can not be honored.
See:
http://nfs.sourceforge.net/nfs-howto/ar01s06.html

If you are going across all of the platforms you mentioned - this will go beyond a nightmare to keep consistent and to maintain. On one large multiuser system ACL's are a pain in the butt. My opinion. If you can live without them do so.

I also think you are asking a hypothetical question. Even high-level IT managers know better than to have different major mission critical systems running on the number of platforms you mention. There is enough windows/UNIX/Linux chaos without adding to it.
This User Gave Thanks to jim mcnamara For This Post:
bstring
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

how floppy disks, CDs and flash drives (pen drives) are accessed in UNIX

hi how floppy disks, CDs and flash drives (pen drives) are accessed in UNIX? thanks (0 Replies)
Discussion started by: nokia1100
0 Replies

2. UNIX for Advanced & Expert Users

Shared Memory (Posix)

hi I had to create a shared memory segment which allows the creation of 8 child processes each with 1024 bytes and contains a common buffer area of 2096bytes. i was able to create the shared memory with shm_open() followed by ftruncate() and mmap() system calls. but for the shared buffer, i... (3 Replies)
Discussion started by: pretty
3 Replies

3. Ubuntu

Does Posix support kernel level threading?

Hi All, Please let me know the following. 1) Does POSIX lib support kernel threads? if yes, please let me know what are the specific function calls used to create/manage kernel threads. 2) Is Posix scalable? 3) Does POSIX take the advantage of multiprocessor systems? your help is much... (4 Replies)
Discussion started by: jayfriend
4 Replies

4. Emergency UNIX and Linux Support

Using ln -s with NFS across two drives?

Hi I have a server with a large RAID partition on it. The raid partition is split into a few directories which are then shared individually via NFS. Unfortunately the whole array is filling up and I need to do a little bit of juggling till I can upgrade the whole array to new disks. I... (5 Replies)
Discussion started by: Bashingaway
5 Replies

5. Solaris

NFS sharing across platforms

Hi, Not sure where to post this, I'm sorry and need suggestion if this is wrong section. we are running NFS Server on Solaris 10 and client box is HP-UX 11.11 (Can't apply latest patches/upgrades as in-house appln. doesn't allow) I am able to mount NFS shares from this Solaris box onto all... (4 Replies)
Discussion started by: prvnrk
4 Replies

6. Solaris

[Solved] Cannot Connect to Shared Drives

Hello, I just updated my Solaris 10 SPARC server w/ the 1/31 10_Recommended patch cluster and have now lost all access to the RAIDs. Nobody can access any shared drives, which is where we keep 100% of our data and daily working files. What I have: - Solaris 10 SPARC - Running Samba -... (1 Reply)
Discussion started by: stringman
1 Replies

7. Windows & DOS: Issues & Discussions

Linux mount cifs with Windows ACL support

I'm in the process of migrating my windows file servers to a Ubuntu Samba server. My plan is to use cp -Rp to copy all the mounted files to the proper directory on my Ubuntu server. I can mount them just fine but if I run getfacl against a mounted directory its not showing any of my Windows... (0 Replies)
Discussion started by: binary-ninja
0 Replies

8. HP-UX

When did HP-UX have support for ACL?

Hello, I try to find what year HP-UX got support for ACL (Access Control List)? I know that HP-UX was the first Unix with ACL support, but it is very hard to find the information on when that occured. So anyone here know when that did happen? Any answers are appreciated, /eXpander (1 Reply)
Discussion started by: eXpander
1 Replies

9. Solaris

Why ACL is getting activated on NFS mount..??

Hello All, I am facing a strange problem ( for first time in it's own for the matter of fact ) : Thanks. (1 Reply)
Discussion started by: Reboot
1 Replies

10. Shell Programming and Scripting

Create a shared folder using acl

Hello. I need some help to create a shared folder. A group 'publicuser' has been created. A user 'publicuser' has been created ( no login, no home) and belongs to group 'publicuser'. A public folder '/doc' has been created and owner is publicuser:publicuser. All users belonging to group... (12 Replies)
Discussion started by: jcdole
12 Replies

LEARN ABOUT OPENSOLARIS

acltotext

acltotext(3SEC) 				       File Access Control Library Functions					   acltotext(3SEC)

NAME

       acltotext, aclfromtext - convert internal representation to or from external representation

SYNOPSIS

       cc [ flag... ] file... -lsec [ library... ]
       #include <sys/acl.h>

       char *acltotext(aclent_t *aclbufp, int aclcnt);

       aclent_t *aclfromtext(char *acltextp, int *aclcnt);

DESCRIPTION

       The  acltotext()  function converts an internal ACL representation pointed to by aclbufp into an external ACL representation. The space for
       the external text string is obtained using malloc(3C). The caller is responsible for freeing the space upon completion..

       The aclfromtext() function converts an external ACL representation pointed to by acltextp into an internal ACL representation.	The  space
       for the list of ACL entries is obtained using malloc(3C). The caller is responsible for freeing the space upon completion. The aclcnt argu-
       ment indicates the number of ACL entries found.

       An external ACL representation is defined as follows:

       <acl_entry>[,<acl_entry>]...

       Each <acl_entry> contains one ACL entry. The external representation of an ACL entry contains two  or  three  colon-separated  fields.  The
       first field contains the ACL entry tag type. The entry type keywords are defined as:

       user		This  ACL  entry  with no UID specified in the ACL entry ID field specifies the access granted to the owner of the object.
			Otherwise, this ACL entry specifies the access granted to a specific user-name or user-id number.

       group		This ACL entry with no GID specified in the ACL entry ID field specifies the access granted to the  owning  group  of  the
			object. Otherwise, this ACL entry specifies the access granted to a specific group-name or group-id number.

       other		This ACL entry specifies the access granted to any user or group that does not match any other ACL entry.

       mask		This ACL entry specifies the maximum access granted to user or group entries.

       default:user	This  ACL  entry  with no uid specified in the ACL entry ID field specifies the default access granted to the owner of the
			object. Otherwise, this ACL entry specifies the default access granted to a specific user-name or user-ID number.

       default:group	This ACL entry with no gid specified in the ACL entry ID field specifies the default access granted to the owning group of
			the object. Otherwise, this ACL entry specifies the default access granted to a specific group-name or group-ID number.

       default:other	This ACL entry specifies the default access for other entry.

       default:mask	This ACL entry specifies the default access for mask entry.

       The second field contains the ACL entry ID, as follows:

       uid	This field specifies a user-name, or user-ID if there is no user-name associated with the user-ID number.

       gid	This field specifies a group-name, or group-ID if there is no group-name associated with the group-ID number.

       empty	This field is used by the user and group ACL entry types.

       The third field contains the following symbolic discretionary access permissions:

       r	read permission

       w	write permission

       x	execute/search permission

       -	no access

RETURN VALUES

       Upon successful completion, the acltotext() function returns a pointer to a text string. Otherwise, it returns NULL.

       Upon successful completion, the aclfromtext() function returns a pointer to a list of ACL entries. Otherwise, it returns NULL.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Evolving			   |
       +-----------------------------+-----------------------------+
       |MT-Level		     |Unsafe			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       acl(2), malloc(3C), attributes(5)

SunOS 5.11							    10 Dec 2001 						   acltotext(3SEC)
All times are GMT -4. The time now is 02:26 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy