Date: Wed, 09 Sep 2015 09:51:57 -0700 From: Jordan Hubbard <jordanhubbard@icloud.com> To: Rakshith Venkatesh <vrock28@gmail.com> Cc: Mark Saad <nonesuch@longcount.org>, freebsd-fs@freebsd.org Subject: Re: CEPH + FreeBSD Message-ID: <A2FE36FB-BADD-4F65-BF0F-680FE6591A4D@icloud.com> In-Reply-To: <CANw0z%2BXgzreQXUOBk11F5hOHz665WvysiLnyd35qbmxjyHT9Fw@mail.gmail.com> References: <CANw0z%2BVhYCPNWrjByXLf8yO9wA0sc05_8eVJsM-McjcGNU9KQg@mail.gmail.com> <CA%2BKW7xQrN60kH37hu2Keja60a0huVjAyP6=SQNSrqus2EUMUMA@mail.gmail.com> <CANw0z%2BXrwK=6y%2BLpoiewc_eLDBYB5UZ5XpU6-YP0-K2FKwSa5w@mail.gmail.com> <A19FDEB5-1DEF-4EBF-8E9E-A1AD4688F1AA@icloud.com> <100306673.40344407.1441279047901.JavaMail.zimbra@uoguelph.ca> <1564D4FA-9BE1-4E37-8E91-F14A009D6B62@icloud.com> <838814506.1858817.1441577912291.JavaMail.zimbra@uoguelph.ca> <F5F89A87-AD10-4CD3-BF56-854EEBB4C121@longcount.org> <CAKYr3zyPxM0oKhgsNoFmkFxn6AFkekS2=ptV7Z6CicTzZvXCdw@mail.gmail.com> <8551C101-0E4B-4619-BF52-1B87BC6565D8@longcount.org> <CANw0z%2BXgzreQXUOBk11F5hOHz665WvysiLnyd35qbmxjyHT9Fw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> On Sep 8, 2015, at 7:29 PM, Rakshith Venkatesh <vrock28@gmail.com> = wrote: >=20 > If there is a need to support cifs along with NFS then locking surely = is > needed to maintain data sanity and avoid problems due to concurrent = access > to files. Well, sort of. The file sharing semantics between NFS and CIFS are so = different in not just in how they lock files, but in the Windows vs Unix = permission models, that it=E2=80=99s essentially lunatic to attempt to = share the same ZFS dataset to both NFS and Windows clients. FreeNAS does not even allow you to do that - you pick a dataset for CIFS = sharing and it applies a completely different set of default ACLs and = even goes so far as to disable Unix permission changes (chown/chmod) = completely so that clueless system admins don=E2=80=99t do local Unix = permission operations on the files and end up blowing certainly critical = (to Windows) ACLs off, rendering the share unusable to Windows clients. = It happened so often that we ultimately had to lay down the law and = explicitly disallow that scenario. In the past, Samba3 also used to essentially lie about a lot of the Unix = permissions to Windows clients in order to provide some semblance of = interoperability, but that ended up causing more problems than it solved = (it=E2=80=99s better to be predictable than magical) and in Samba4, = it=E2=80=99s far more inclined to simply tell the truth, which also = tripped up a lot of sysadmins who were used to it lying before. Once = they managed to unscramble their permissions and actually leverage ACLs = to the full extent they were meant to be used, they learned what the = Samba team already knew: NFS ACLs !=3D Windows ACLs. Or, as they said it best in Ghostbusters: Egon Spengler: There's something very important I forgot to tell you. Peter Venkman: What? Spengler: Don't cross the streams. Venkman: Why? Spengler: It would be bad. Venkman: I'm fuzzy on the whole good/bad thing. What do you mean, "bad"? Spengler: Try to imagine all life as you know it stopping = instantaneously and every molecule in your body exploding at the speed = of light. Ray Stantz: Total protonic reversal! Venkman: Right. That's bad. Okay. All right. Important safety tip. = Thanks, Egon. So yeah, the dream of sharing CIFS and NFS from the same dataset is = probably never going to be a reality. I mean, it=E2=80=99s *technically = possible* just like all things are technically possible, but you=E2=80=99d= have to come up with some sort of underlying =E2=80=9CUniversal = permissions and locking model=E2=80=9D that could then be mapped and = translated upwards to both Unix and Windows clients such that each saw = exactly what they wanted and needed to see, and then you=E2=80=99d need = to commit to maintaining that model across multiple versions of Windows = (in which the semantics have changed in subtle ways over time) and Unix. = The Samba folks really tried to fake that up in userland and as near as = I can figure out, they eventually realized it was just a terrible place = to be and stopped trying to force incompatible species to live together, = which is what we also decided. Yeah, it kind of sucks not being able to = share exactly the same files for R/W access to both Windows and Unix = clients simultaneously. Deal with it. Life is cruel. :-) JFYI, - Jordan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?A2FE36FB-BADD-4F65-BF0F-680FE6591A4D>