From owner-freebsd-questions@freebsd.org Fri Jul 19 12:43:11 2019 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id E6C2CA1F4F for ; Fri, 19 Jul 2019 12:43:11 +0000 (UTC) (envelope-from vas@mpeks.tomsk.su) Received: from admin.sibptus.ru (admin.sibptus.ru [IPv6:2001:19f0:5001:21dc::10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 32E826BF82 for ; Fri, 19 Jul 2019 12:43:10 +0000 (UTC) (envelope-from vas@mpeks.tomsk.su) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sibptus.ru; s=20181118; h=Message-ID:Subject:To:From:Date:In-Reply-To; bh=OiFXvg5c7GEzGV+LuFc6B4q0uDZlbVo2g8cOjd2ny9I=; b=XRSRQbfWIf8xB4JOulQMq+LMp0 Be+0KngBmcGg/0+1fcywykcPgVLAAMT6YmN3V/0IigHxLSjWbakYibZsFGWqGG85Y4eoQKQNXSE9y cLoTA8RWGPYiNHyYaWCdqNHIZPGtwVOQFjoPrtr+FrHM+8FM163nPWIHUyaqxSmUMdG8=; Received: from vas by admin.sibptus.ru with local (Exim 4.92 (FreeBSD)) (envelope-from ) id 1hoSE9-0007vX-Gd for freebsd-questions@freebsd.org; Fri, 19 Jul 2019 19:43:09 +0700 Date: Fri, 19 Jul 2019 19:43:09 +0700 From: Victor Sudakov To: freebsd-questions@freebsd.org Subject: The quality of NFSv4 ACLs on ZFS? Message-ID: <20190719124309.GA30285@admin.sibptus.ru> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="MGYHOYXEY6WxJCY8" Content-Disposition: inline X-PGP-Key: http://www.dreamwidth.org/pubkey?user=victor_sudakov X-PGP-Fingerprint: 10E3 1171 1273 E007 C2E9 3532 0DA4 F259 9B5E C634 User-Agent: Mutt/1.12.1 (2019-06-15) Sender: Victor Sudakov X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 19 Jul 2019 12:43:12 -0000 --MGYHOYXEY6WxJCY8 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Dear Colleagues, I see that in FreeBSD systems installed on ZFS, NFSv4 ACLs are enabled out of the box. At least getfacl shows their presence on every file of the system. Are they reliable and production-ready? Can I use them for real fine-grained file access control to important files?=20 What should I enable in net/samba48 for the FreeBSD SMB file server to present them to Windows clients? --=20 Victor Sudakov, VAS4-RIPE, VAS47-RIPN 2:5005/49@fidonet http://vas.tomsk.ru/ --MGYHOYXEY6WxJCY8 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEcBAEBAgAGBQJdMbrdAAoJEA2k8lmbXsY0kS8H/0imQUQNR1tge1xklypBSMZR zlQDzHzEnhqhzlZxP6SS29Gp0SCl8ElUYg0jsZGjMw3lP5ye8hUEcYSBJdAR3hdr 3gXeqJevqkOnt1UZzriCheDXNsBShDhI6D6CEh/3AkaR/iUAev69If6M6rnLseTI KOkdq8LMou86Hc5Tt8inVn/0EaP5flIsM2M6Rz3iWPsiEJR004QBT1/7OhuV/34K yW386+ecRyn4C3fmszQRdYipS2chwpjk2IzeLKisncI/NBFHXQhja/XHuvlxela4 BKrz62fVtSilHalHhodyNv3AKxv2zEt/AkGDpfR92rYPtpppoNdfPrZnnTDvO94= =N5Ii -----END PGP SIGNATURE----- --MGYHOYXEY6WxJCY8--