[Freeipa-users] nfs4 acl
Ondrej Valousek
ondrejv at s3group.cz
Mon Jul 2 08:02:57 UTC 2012
On 07/01/2012 11:03 PM, Natxo Asenjo wrote:
> On Sun, Jul 1, 2012 at 10:39 PM, <ondrejv at s3group.com <mailto:ondrejv at s3group.com>> wrote:
>
> In fact, Netapp is (sadly to say) the only NFSv4 server in the whole world
> that can provide you with a true NFSv4 ACLs (remember to turn them on
> using options nfs.v4.acl = on).
> The nasty hack Rob mentioned will only provide you with POSIX Acls mapped
> to the NFSv4 acls - which will consequently cripple down the whole ACLs
> the NFS server is providing.
>
> So if you want a nice, fully fledged NFSv4 ACLs, go to Netapp or Solaris
> based NFSv4 server. Forget about Linux.
>
>
> ok, thanks for confirming what I was already thinking. We do have Netapp (and very happy customers, I must say).
>
> When you say 'Solaris based' do you mean nexenta/openindiana? That still is a very nice choice to have, it would be great to have a linux
> based one, but still.
>
> --
> natxo
The real problem is that no Linux filesystem I am aware of can store NFSv4 ACLs natively - there are some patches for ext4 but I doubt they
did make its way for the production. The future seems to be richacl friendly filesystem, but I do not know anything about it, too.
The only filesystem that can store NFSv4 ACLs is Suns ZFS so hence you should be able to built your own NFS server based on OpenSolaris or
some clones.
Actually, you might want to check this:
http://www.bestbits.at/richacl/
to see if your kernel has this patch - if yes, there is quite a good chance you could do it on Linux, too.
Ondrej
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20120702/23f3846f/attachment.htm>
More information about the Freeipa-users
mailing list