Visit Our UNIX and Linux User Community


ACL (POSIX and NFSv4) Support over NFS shared drives on different Unix platforms


 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers ACL (POSIX and NFSv4) Support over NFS shared drives on different Unix platforms
# 1  
Old 09-28-2012
ACL (POSIX and NFSv4) Support over NFS shared drives on different Unix platforms

Hello, I have a question regarding ACLs and their availability across different Unix platforms via NFS share.

If I have an AIX/FreeBSD/Solaris/HP-UX client that has an nfs share from a different system mounted on it, will the ACLs on the nfs share be processed properly?

My guess is that as long as the both systems can support ACLs, then they will be processed properly, but I do not know if POSIX ACLs can be read properly if the two systems are different operating systems.

EDIT:
Quote:
By default, if the file system being exported by an NFS server supports ACLs and the NFS client can read ACLs, ACLs are utilized by the client system.
This quote from this site says that the ACLs should be read if the two filesystems both support ACLs. I just wasn't sure if that applied to all of AIX/FreeBSD/Solaris/HP-UX

Also I have the same question, but with NFSv4 ACLs. From what I understand, Solaris ZFS and AIX jfs2 with extended attributes both support nfsv4 ACLs. If I mount one system's filesystem on the other, will the nfs4 acls be present on the second machine?

Last edited by bstring; 09-28-2012 at 10:46 PM..
# 2  
Old 09-30-2012
Last question: I know that it will work for Solaris 10/11 NFS4, per documentation. I have not tried, so I cannot comment how well it behaves.

There are problems with ACL's across platforms:
the uid has to match numerically
the gid has to match numerically
the NSF mount has to support the ACL operations, e.g., if the ACL grants write, but the remote file system is read-only then the ACL can not be honored.
See:
http://nfs.sourceforge.net/nfs-howto/ar01s06.html

If you are going across all of the platforms you mentioned - this will go beyond a nightmare to keep consistent and to maintain. On one large multiuser system ACL's are a pain in the butt. My opinion. If you can live without them do so.

I also think you are asking a hypothetical question. Even high-level IT managers know better than to have different major mission critical systems running on the number of platforms you mention. There is enough windows/UNIX/Linux chaos without adding to it.
This User Gave Thanks to jim mcnamara For This Post:
# 3  
Old 10-04-2012
Quote:
Originally Posted by jim mcnamara
Last question: I know that it will work for Solaris 10/11 NFS4, per documentation. I have not tried, so I cannot comment how well it behaves.

There are problems with ACL's across platforms:
the uid has to match numerically
the gid has to match numerically
the NSF mount has to support the ACL operations, e.g., if the ACL grants write, but the remote file system is read-only then the ACL can not be honored.
See:
6.*Security and NFS

If you are going across all of the platforms you mentioned - this will go beyond a nightmare to keep consistent and to maintain. On one large multiuser system ACL's are a pain in the butt. My opinion. If you can live without them do so.
Thank you for the response. Everything I've read seems to imply complications when dealing with multiple operating systems and acl/nfs protocols. I will have to do some more research...
Quote:
I also think you are asking a hypothetical question. Even high-level IT managers know better than to have different major mission critical systems running on the number of platforms you mention.
I hope you are right, I am waiting to hear back from some of my higher ups about this Smilie
 

Previous Thread | Next Thread
Test Your Knowledge in Computers #797
Difficulty: Easy
The simplest arithmetic operation in binary is addition.
True or False?

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Create a shared folder using acl

Hello. I need some help to create a shared folder. A group 'publicuser' has been created. A user 'publicuser' has been created ( no login, no home) and belongs to group 'publicuser'. A public folder '/doc' has been created and owner is publicuser:publicuser. All users belonging to group... (12 Replies)
Discussion started by: jcdole
12 Replies

2. Solaris

Why ACL is getting activated on NFS mount..??

Hello All, I am facing a strange problem ( for first time in it's own for the matter of fact ) : Thanks. (1 Reply)
Discussion started by: Reboot
1 Replies

3. HP-UX

When did HP-UX have support for ACL?

Hello, I try to find what year HP-UX got support for ACL (Access Control List)? I know that HP-UX was the first Unix with ACL support, but it is very hard to find the information on when that occured. So anyone here know when that did happen? Any answers are appreciated, /eXpander (1 Reply)
Discussion started by: eXpander
1 Replies

4. Windows & DOS: Issues & Discussions

Linux mount cifs with Windows ACL support

I'm in the process of migrating my windows file servers to a Ubuntu Samba server. My plan is to use cp -Rp to copy all the mounted files to the proper directory on my Ubuntu server. I can mount them just fine but if I run getfacl against a mounted directory its not showing any of my Windows... (0 Replies)
Discussion started by: binary-ninja
0 Replies

5. Solaris

[Solved] Cannot Connect to Shared Drives

Hello, I just updated my Solaris 10 SPARC server w/ the 1/31 10_Recommended patch cluster and have now lost all access to the RAIDs. Nobody can access any shared drives, which is where we keep 100% of our data and daily working files. What I have: - Solaris 10 SPARC - Running Samba -... (1 Reply)
Discussion started by: stringman
1 Replies

6. Solaris

NFS sharing across platforms

Hi, Not sure where to post this, I'm sorry and need suggestion if this is wrong section. we are running NFS Server on Solaris 10 and client box is HP-UX 11.11 (Can't apply latest patches/upgrades as in-house appln. doesn't allow) I am able to mount NFS shares from this Solaris box onto all... (4 Replies)
Discussion started by: prvnrk
4 Replies

7. Emergency UNIX and Linux Support

Using ln -s with NFS across two drives?

Hi I have a server with a large RAID partition on it. The raid partition is split into a few directories which are then shared individually via NFS. Unfortunately the whole array is filling up and I need to do a little bit of juggling till I can upgrade the whole array to new disks. I... (5 Replies)
Discussion started by: Bashingaway
5 Replies

8. Ubuntu

Does Posix support kernel level threading?

Hi All, Please let me know the following. 1) Does POSIX lib support kernel threads? if yes, please let me know what are the specific function calls used to create/manage kernel threads. 2) Is Posix scalable? 3) Does POSIX take the advantage of multiprocessor systems? your help is much... (4 Replies)
Discussion started by: jayfriend
4 Replies

9. UNIX for Advanced & Expert Users

Shared Memory (Posix)

hi I had to create a shared memory segment which allows the creation of 8 child processes each with 1024 bytes and contains a common buffer area of 2096bytes. i was able to create the shared memory with shm_open() followed by ftruncate() and mmap() system calls. but for the shared buffer, i... (3 Replies)
Discussion started by: pretty
3 Replies

10. Shell Programming and Scripting

how floppy disks, CDs and flash drives (pen drives) are accessed in UNIX

hi how floppy disks, CDs and flash drives (pen drives) are accessed in UNIX? thanks (0 Replies)
Discussion started by: nokia1100
0 Replies

Featured Tech Videos