dual share via cifs and nfs

dual share via cifs and nfs

[Gabriele Bulfon]

[-- Attachment #1.1: Type: text/plain, Size: 446 bytes --]

Hi, what are the correct settings for a zfs share to be visible both via cifs and nfs (cifs for smb users, nfs for a server)?
I need to be sure both will be using the same user to access files, as the nfs client will be creating files for smb users and vice versa.
 
Gabriele
 
 
Sonicle S.r.l. : http://www.sonicle.com
Music: http://www.gabrielebulfon.com
eXoplanets : https://gabrielebulfon.bandcamp.com/album/exoplanets
 


[-- Attachment #1.2: Type: text/html, Size: 1454 bytes --]

Re: [developer] dual share via cifs and nfs

[Gordon Ross]

There are a few things you need for cross-protocol sharing:
1: create the ZFS dataset with options: nbmand=on, casesensitivity=mixed
2: make sure you have some SMB accounts (smbadm enable user, and/or
smbadm join ...)
3: Set ownership and ACLs to something Windows-friendly
  (eg:  chmod A=everyone@:full_set:fd:allow /the/share/root
   and then set ACLs how you want via windows right click)
4: setup idmap so that NFS will "see" something usable for UIDs and GIDs

There are some more details about those steps in the SMB Admin guide:
https://dlc.openindiana.org/docs/20090715/SSMBAG/html/smboverview.html
Sorry that's a bit stale.  I have a somewhat updated version, but it's
not "up" yet.

On Mon, Feb 5, 2024 at 2:51 AM Gabriele Bulfon via illumos-developer
<developer@lists.illumos.org> wrote:
>
> Hi, what are the correct settings for a zfs share to be visible both via cifs and nfs (cifs for smb users, nfs for a server)?
> I need to be sure both will be using the same user to access files, as the nfs client will be creating files for smb users and vice versa.
>
> Gabriele
>
>
> Sonicle S.r.l. : http://www.sonicle.com
> Music: http://www.gabrielebulfon.com
> eXoplanets : https://gabrielebulfon.bandcamp.com/album/exoplanets
>
> illumos / illumos-developer / see discussions + participants + delivery options Permalink

Re: [developer] dual share via cifs and nfs

[Gabriele Bulfon]

[-- Attachment #1.1: Type: text/plain, Size: 2202 bytes --]

Thanks! Is it necessary to use "smbadm enable user" instead of just using unix passwd users and ACLs with those users?
I mean, they would be same usernames, and I have no domain in this case.
 
Gabriele 
 
 
Sonicle S.r.l. : http://www.sonicle.com
Music: http://www.gabrielebulfon.com
eXoplanets : https://gabrielebulfon.bandcamp.com/album/exoplanets
 




----------------------------------------------------------------------------------

Da: Gordon Ross <gordon.w.ross@gmail.com>
A: illumos-developer <developer@lists.illumos.org>
Data: 6 febbraio 2024 1.12.14 CET
Oggetto: Re: [developer] dual share via cifs and nfs

There are a few things you need for cross-protocol sharing:1: create the ZFS dataset with options: nbmand=on, casesensitivity=mixed2: make sure you have some SMB accounts (smbadm enable user, and/orsmbadm join ...)3: Set ownership and ACLs to something Windows-friendly  (eg:  chmod A=everyone@:full_set:fd:allow /the/share/root   and then set ACLs how you want via windows right click)4: setup idmap so that NFS will "see" something usable for UIDs and GIDsThere are some more details about those steps in the SMB Admin guide:https://dlc.openindiana.org/docs/20090715/SSMBAG/html/smboverview.htmlSorry that's a bit stale.  I have a somewhat updated version, but it'snot "up" yet.On Mon, Feb 5, 2024 at 2:51 AM Gabriele Bulfon via illumos-developer<developer@lists.illumos.org> wrote:>> Hi, what are the correct settings for a zfs share to be visible both via cifs and nfs (cifs for smb users, nfs for a server)?> I need to be sure both will be using the same user to access files, as the nfs client will be creating files for smb users and vice versa.>> Gabriele>>> Sonicle S.r.l. : http://www.sonicle.com> Music: http://www.gabrielebulfon.com> eXoplanets : https://gabrielebulfon.bandcamp.com/album/exoplanets>> illumos / illumos-developer / see discussions + participants + delivery options Permalink------------------------------------------illumos: illumos-developerPermalink: https://illumos.topicbox.com/groups/developer/T853ccac866b92198-M029acf623527b9ff13bd3adaDelivery options: https://illumos.topicbox.com/groups/developer/subscription

[-- Attachment #1.2: Type: text/html, Size: 3512 bytes --]

Re: [developer] dual share via cifs and nfs

[Gordon Ross]

Yea, and (oh, yeah, I forgot to add a detail)
when setting up SMB user accounts, you must:
Add this to pam.conf
other password required pam_smb_passwd.so.1 nowarn
then do "smbadm enable-user", passwd user
so the SMB p/w hashes end up int /var/smb/smbpasswd

On Tue, Feb 6, 2024 at 3:28 AM Gabriele Bulfon via illumos-developer
<developer@lists.illumos.org> wrote:
>
> Thanks! Is it necessary to use "smbadm enable user" instead of just using unix passwd users and ACLs with those users?
> I mean, they would be same usernames, and I have no domain in this case.
>
> Gabriele
>
>
> Sonicle S.r.l. : http://www.sonicle.com
> Music: http://www.gabrielebulfon.com
> eXoplanets : https://gabrielebulfon.bandcamp.com/album/exoplanets
>
>
>
>
>
> ----------------------------------------------------------------------------------
>
> Da: Gordon Ross <gordon.w.ross@gmail.com>
> A: illumos-developer <developer@lists.illumos.org>
> Data: 6 febbraio 2024 1.12.14 CET
> Oggetto: Re: [developer] dual share via cifs and nfs
>
> There are a few things you need for cross-protocol sharing:
> 1: create the ZFS dataset with options: nbmand=on, casesensitivity=mixed
> 2: make sure you have some SMB accounts (smbadm enable user, and/or
> smbadm join ...)
> 3: Set ownership and ACLs to something Windows-friendly
>   (eg:  chmod A=everyone@:full_set:fd:allow /the/share/root
>    and then set ACLs how you want via windows right click)
> 4: setup idmap so that NFS will "see" something usable for UIDs and GIDs
>
> There are some more details about those steps in the SMB Admin guide:
> https://dlc.openindiana.org/docs/20090715/SSMBAG/html/smboverview.html
> Sorry that's a bit stale.  I have a somewhat updated version, but it's
> not "up" yet.
>
> On Mon, Feb 5, 2024 at 2:51 AM Gabriele Bulfon via illumos-developer
> <developer@lists.illumos.org> wrote:
> >
> > Hi, what are the correct settings for a zfs share to be visible both via cifs and nfs (cifs for smb users, nfs for a server)?
> > I need to be sure both will be using the same user to access files, as the nfs client will be creating files for smb users and vice versa.
> >
> > Gabriele
> >
> >
> > Sonicle S.r.l. : http://www.sonicle.com
> > Music: http://www.gabrielebulfon.com
> > eXoplanets : https://gabrielebulfon.bandcamp.com/album/exoplanets
> >
> > illumos / illumos-developer / see discussions + participants + delivery options Permalink
>
> ------------------------------------------
> illumos: illumos-developer
> Permalink: https://illumos.topicbox.com/groups/developer/T853ccac866b92198-M029acf623527b9ff13bd3ada
> Delivery options: https://illumos.topicbox.com/groups/developer/subscription
>
> illumos / illumos-developer / see discussions + participants + delivery options Permalink

Re: [developer] dual share via cifs and nfs

[Gabriele Bulfon]

[-- Attachment #1.1: Type: text/plain, Size: 3603 bytes --]

Ok, I found that part is already correct, pam.conf is ok, the web gui we built that also manage users already run smbadm enable/disable as needed, and smbpasswd contains the right stuff.
 
I still don't understand what I should do with NFS.
I have the dataset also shared as NFS with "sec=sys,root=@client-ip", and it creates files as root/644.
How do I force the NFS client to use a specific destination user (same as the smb one) so to operate correctly?
 
Gabriele
 
 
Sonicle S.r.l. : http://www.sonicle.com
Music: http://www.gabrielebulfon.com
eXoplanets : https://gabrielebulfon.bandcamp.com/album/exoplanets
 




----------------------------------------------------------------------------------

Da: Gordon Ross <gordon.w.ross@gmail.com>
A: illumos-developer <developer@lists.illumos.org>
Data: 6 febbraio 2024 15.16.04 CET
Oggetto: Re: [developer] dual share via cifs and nfs

Yea, and (oh, yeah, I forgot to add a detail)when setting up SMB user accounts, you must:Add this to pam.confother password required pam_smb_passwd.so.1 nowarnthen do "smbadm enable-user", passwd userso the SMB p/w hashes end up int /var/smb/smbpasswdOn Tue, Feb 6, 2024 at 3:28 AM Gabriele Bulfon via illumos-developer<developer@lists.illumos.org> wrote:>> Thanks! Is it necessary to use "smbadm enable user" instead of just using unix passwd users and ACLs with those users?> I mean, they would be same usernames, and I have no domain in this case.>> Gabriele>>> Sonicle S.r.l. : http://www.sonicle.com> Music: http://www.gabrielebulfon.com> eXoplanets : https://gabrielebulfon.bandcamp.com/album/exoplanets>>>>>> ---------------------------------------------------------------------------------->> Da: Gordon Ross <gordon.w.ross@gmail.com>> A: illumos-developer <developer@lists.illumos.org>> Data: 6 febbraio 2024 1.12.14 CET> Oggetto: Re: [developer] dual share via cifs and nfs>> There are a few things you need for cross-protocol sharing:> 1: create the ZFS dataset with options: nbmand=on, casesensitivity=mixed> 2: make sure you have some SMB accounts (smbadm enable user, and/or> smbadm join ...)> 3: Set ownership and ACLs to something Windows-friendly>   (eg:  chmod A=everyone@:full_set:fd:allow /the/share/root>    and then set ACLs how you want via windows right click)> 4: setup idmap so that NFS will "see" something usable for UIDs and GIDs>> There are some more details about those steps in the SMB Admin guide:> https://dlc.openindiana.org/docs/20090715/SSMBAG/html/smboverview.html> Sorry that's a bit stale.  I have a somewhat updated version, but it's> not "up" yet.>> On Mon, Feb 5, 2024 at 2:51 AM Gabriele Bulfon via illumos-developer> <developer@lists.illumos.org> wrote:> >> > Hi, what are the correct settings for a zfs share to be visible both via cifs and nfs (cifs for smb users, nfs for a server)?> > I need to be sure both will be using the same user to access files, as the nfs client will be creating files for smb users and vice versa.> >> > Gabriele> >> >> > Sonicle S.r.l. : http://www.sonicle.com> > Music: http://www.gabrielebulfon.com> > eXoplanets : https://gabrielebulfon.bandcamp.com/album/exoplanets> >> > illumos / illumos-developer / see discussions + participants + delivery options Permalink> > illumos / illumos-developer / see discussions + participants + delivery options Permalink------------------------------------------illumos: illumos-developerPermalink: https://illumos.topicbox.com/groups/developer/T853ccac866b92198-M244d4452165c1306e90450f2Delivery options: https://illumos.topicbox.com/groups/developer/subscription

[-- Attachment #1.2: Type: text/html, Size: 5419 bytes --]

Re: [developer] dual share via cifs and nfs

[Toomas Soome]

[-- Attachment #1: Type: text/plain, Size: 4964 bytes --]



> On 7. Feb 2024, at 10:58, Gabriele Bulfon via illumos-developer <developer@lists.illumos.org> wrote:
> 
> Ok, I found that part is already correct, pam.conf is ok, the web gui we built that also manage users already run smbadm enable/disable as needed, and smbpasswd contains the right stuff.
>  
> I still don't understand what I should do with NFS.
> I have the dataset also shared as NFS with "sec=sys,root=@client-ip", and it creates files as root/644.
> How do I force the NFS client to use a specific destination user (same as the smb one) so to operate correctly?
>  
> Gabriele
>  
>  

with NFS you have the good old story: server and client need to have same users and if you are using auth_sys (auth_unix) authentication, the username,uid and gid values must match. That implies either “manual” passwd/group files replication or name service (ldap) setup. With NFSv4 + kerberos you do not need uid/gid values to be in sync, but you still need the same users and the proper setup of nfsv4_domain property so the server would accept the user name translations.

rgds,
toomas


> Sonicle S.r.l. : http://www.sonicle.com <https://www.sonicle.com/>
> Music: http://www.gabrielebulfon.com <http://www.gabrielebulfon.com/>
> eXoplanets : https://gabrielebulfon.bandcamp.com/album/exoplanets
>  
> 
> 
> 
> ----------------------------------------------------------------------------------
> 
> Da: Gordon Ross <gordon.w.ross@gmail.com>
> A: illumos-developer <developer@lists.illumos.org>
> Data: 6 febbraio 2024 15.16.04 CET
> Oggetto: Re: [developer] dual share via cifs and nfs
> 
> Yea, and (oh, yeah, I forgot to add a detail)
> when setting up SMB user accounts, you must:
> Add this to pam.conf
> other password required pam_smb_passwd.so.1 nowarn
> then do "smbadm enable-user", passwd user
> so the SMB p/w hashes end up int /var/smb/smbpasswd
> 
> On Tue, Feb 6, 2024 at 3:28 AM Gabriele Bulfon via illumos-developer
> <developer@lists.illumos.org> wrote:
> >
> > Thanks! Is it necessary to use "smbadm enable user" instead of just using unix passwd users and ACLs with those users?
> > I mean, they would be same usernames, and I have no domain in this case.
> >
> > Gabriele
> >
> >
> > Sonicle S.r.l. : http://www.sonicle.com
> > Music: http://www.gabrielebulfon.com
> > eXoplanets : https://gabrielebulfon.bandcamp.com/album/exoplanets
> >
> >
> >
> >
> >
> > ----------------------------------------------------------------------------------
> >
> > Da: Gordon Ross <gordon.w.ross@gmail.com>
> > A: illumos-developer <developer@lists.illumos.org>
> > Data: 6 febbraio 2024 1.12.14 CET
> > Oggetto: Re: [developer] dual share via cifs and nfs
> >
> > There are a few things you need for cross-protocol sharing:
> > 1: create the ZFS dataset with options: nbmand=on, casesensitivity=mixed
> > 2: make sure you have some SMB accounts (smbadm enable user, and/or
> > smbadm join ...)
> > 3: Set ownership and ACLs to something Windows-friendly
> >   (eg:  chmod A=everyone@:full_set:fd:allow /the/share/root
> >    and then set ACLs how you want via windows right click)
> > 4: setup idmap so that NFS will "see" something usable for UIDs and GIDs
> >
> > There are some more details about those steps in the SMB Admin guide:
> > https://dlc.openindiana.org/docs/20090715/SSMBAG/html/smboverview.html
> > Sorry that's a bit stale.  I have a somewhat updated version, but it's
> > not "up" yet.
> >
> > On Mon, Feb 5, 2024 at 2:51 AM Gabriele Bulfon via illumos-developer
> > <developer@lists.illumos.org> wrote:
> > >
> > > Hi, what are the correct settings for a zfs share to be visible both via cifs and nfs (cifs for smb users, nfs for a server)?
> > > I need to be sure both will be using the same user to access files, as the nfs client will be creating files for smb users and vice versa.
> > >
> > > Gabriele
> > >
> > >
> > > Sonicle S.r.l. : http://www.sonicle.com
> > > Music: http://www.gabrielebulfon.com
> > > eXoplanets : https://gabrielebulfon.bandcamp.com/album/exoplanets
> > >
> > > illumos / illumos-developer / see discussions + participants + delivery options Permalink
> > 
> > illumos / illumos-developer / see discussions + participants + delivery options Permalink
> 
> ------------------------------------------
> illumos: illumos-developer
> Permalink: https://illumos.topicbox.com/groups/developer/T853ccac866b92198-M244d4452165c1306e90450f2
> Delivery options: https://illumos.topicbox.com/groups/developer/subscription
> illumos <https://illumos.topicbox.com/latest> / illumos-developer / see discussions <https://illumos.topicbox.com/groups/developer> + participants <https://illumos.topicbox.com/groups/developer/members> + delivery options <https://illumos.topicbox.com/groups/developer/subscription>Permalink <https://illumos.topicbox.com/groups/developer/T853ccac866b92198-M4febc64a4463896439b854cb>

[-- Attachment #2: Type: text/html, Size: 7056 bytes --]

Re: [developer] dual share via cifs and nfs

[Marcel Telka]

On Wed, Feb 07, 2024 at 11:12:37AM +0200, Toomas Soome via illumos-developer wrote:
> with NFS you have the good old story: server and client need to have
> same users and if you are using auth_sys (auth_unix) authentication,
> the username,uid and gid values must match.

Not necessarily.  You can use gidmap/uidmap.  See share_nfs(8).

-- 
+-------------------------------------------+
| Marcel Telka   e-mail:   marcel@telka.sk  |
|                homepage: http://telka.sk/ |
+-------------------------------------------+

Re: [developer] dual share via cifs and nfs

[Gabriele Bulfon]

[-- Attachment #1.1: Type: text/plain, Size: 4978 bytes --]

Thanks Toomas, that's exactly what I want to avoid, as we'll have multiple zones with different passwd users each that cannot be matched in one unique NFS sharing system.

I've solved using mount -F smbfs, so everyone is using the same cifs users ;)

Gabriele
 
 
Sonicle S.r.l. : http://www.sonicle.com
Music: http://www.gabrielebulfon.com
eXoplanets : https://gabrielebulfon.bandcamp.com/album/exoplanets
 

 


Da: Toomas Soome via illumos-developer <developer@lists.illumos.org>
A: illumos-developer <developer@lists.illumos.org>
Data: 7 febbraio 2024 10.12.37 CET
Oggetto: Re: [developer] dual share via cifs and nfs




On 7. Feb 2024, at 10:58, Gabriele Bulfon via illumos-developer <developer@lists.illumos.org> wrote:
Ok, I found that part is already correct, pam.conf is ok, the web gui we built that also manage users already run smbadm enable/disable as needed, and smbpasswd contains the right stuff.
 
I still don't understand what I should do with NFS.
I have the dataset also shared as NFS with "sec=sys,root=@client-ip", and it creates files as root/644.
How do I force the NFS client to use a specific destination user (same as the smb one) so to operate correctly?
 
Gabriele
 
 



 
with NFS you have the good old story: server and client need to have same users and if you are using auth_sys (auth_unix) authentication, the username,uid and gid values must match. That implies either “manual” passwd/group files replication or name service (ldap) setup. With NFSv4 + kerberos you do not need uid/gid values to be in sync, but you still need the same users and the proper setup of nfsv4_domain property so the server would accept the user name translations.
 
rgds,
toomas
 

Sonicle S.r.l. : http://www.sonicle.com
Music: http://www.gabrielebulfon.com
eXoplanets : https://gabrielebulfon.bandcamp.com/album/exoplanets
 




----------------------------------------------------------------------------------

Da: Gordon Ross <gordon.w.ross@gmail.com>
A: illumos-developer <developer@lists.illumos.org>
Data: 6 febbraio 2024 15.16.04 CET
Oggetto: Re: [developer] dual share via cifs and nfs

Yea, and (oh, yeah, I forgot to add a detail)when setting up SMB user accounts, you must:Add this to pam.confother password required pam_smb_passwd.so.1 nowarnthen do "smbadm enable-user", passwd userso the SMB p/w hashes end up int /var/smb/smbpasswdOn Tue, Feb 6, 2024 at 3:28 AM Gabriele Bulfon via illumos-developer<developer@lists.illumos.org> wrote:>> Thanks! Is it necessary to use "smbadm enable user" instead of just using unix passwd users and ACLs with those users?> I mean, they would be same usernames, and I have no domain in this case.>> Gabriele>>> Sonicle S.r.l. : http://www.sonicle.com> Music: http://www.gabrielebulfon.com> eXoplanets : https://gabrielebulfon.bandcamp.com/album/exoplanets>>>>>> ---------------------------------------------------------------------------------->> Da: Gordon Ross <gordon.w.ross@gmail.com>> A: illumos-developer <developer@lists.illumos.org>> Data: 6 febbraio 2024 1.12.14 CET> Oggetto: Re: [developer] dual share via cifs and nfs>> There are a few things you need for cross-protocol sharing:> 1: create the ZFS dataset with options: nbmand=on, casesensitivity=mixed> 2: make sure you have some SMB accounts (smbadm enable user, and/or> smbadm join ...)> 3: Set ownership and ACLs to something Windows-friendly>   (eg:  chmod A=everyone@:full_set:fd:allow /the/share/root>    and then set ACLs how you want via windows right click)> 4: setup idmap so that NFS will "see" something usable for UIDs and GIDs>> There are some more details about those steps in the SMB Admin guide:> https://dlc.openindiana.org/docs/20090715/SSMBAG/html/smboverview.html> Sorry that's a bit stale.  I have a somewhat updated version, but it's> not "up" yet.>> On Mon, Feb 5, 2024 at 2:51 AM Gabriele Bulfon via illumos-developer> <developer@lists.illumos.org> wrote:> >> > Hi, what are the correct settings for a zfs share to be visible both via cifs and nfs (cifs for smb users, nfs for a server)?> > I need to be sure both will be using the same user to access files, as the nfs client will be creating files for smb users and vice versa.> >> > Gabriele> >> >> > Sonicle S.r.l. : http://www.sonicle.com> > Music: http://www.gabrielebulfon.com> > eXoplanets : https://gabrielebulfon.bandcamp.com/album/exoplanets> >> > illumos / illumos-developer / see discussions + participants + delivery options Permalink> > illumos / illumos-developer / see discussions + participants + delivery options Permalink------------------------------------------illumos: illumos-developerPermalink: https://illumos.topicbox.com/groups/developer/T853ccac866b92198-M244d4452165c1306e90450f2Delivery options: https://illumos.topicbox.com/groups/developer/subscription



illumos / illumos-developer / see discussions + participants + delivery options Permalink

[-- Attachment #1.2: Type: text/html, Size: 8964 bytes --]

Re: [developer] dual share via cifs and nfs

[Gordon Ross]

For a small-ish number of users, I'd suggest idmap rules for that.

On Wed, Feb 7, 2024 at 3:59 AM Gabriele Bulfon via illumos-developer
<developer@lists.illumos.org> wrote:
>
> Ok, I found that part is already correct, pam.conf is ok, the web gui we built that also manage users already run smbadm enable/disable as needed, and smbpasswd contains the right stuff.
>
> I still don't understand what I should do with NFS.
> I have the dataset also shared as NFS with "sec=sys,root=@client-ip", and it creates files as root/644.
> How do I force the NFS client to use a specific destination user (same as the smb one) so to operate correctly?
>
> Gabriele
>
>
> Sonicle S.r.l. : http://www.sonicle.com
> Music: http://www.gabrielebulfon.com
> eXoplanets : https://gabrielebulfon.bandcamp.com/album/exoplanets
>
>
>
>
>
> ----------------------------------------------------------------------------------
>
> Da: Gordon Ross <gordon.w.ross@gmail.com>
> A: illumos-developer <developer@lists.illumos.org>
> Data: 6 febbraio 2024 15.16.04 CET
> Oggetto: Re: [developer] dual share via cifs and nfs
>
> Yea, and (oh, yeah, I forgot to add a detail)
> when setting up SMB user accounts, you must:
> Add this to pam.conf
> other password required pam_smb_passwd.so.1 nowarn
> then do "smbadm enable-user", passwd user
> so the SMB p/w hashes end up int /var/smb/smbpasswd
>
> On Tue, Feb 6, 2024 at 3:28 AM Gabriele Bulfon via illumos-developer
> <developer@lists.illumos.org> wrote:
> >
> > Thanks! Is it necessary to use "smbadm enable user" instead of just using unix passwd users and ACLs with those users?
> > I mean, they would be same usernames, and I have no domain in this case.
> >
> > Gabriele
> >
> >
> > Sonicle S.r.l. : http://www.sonicle.com
> > Music: http://www.gabrielebulfon.com
> > eXoplanets : https://gabrielebulfon.bandcamp.com/album/exoplanets
> >
> >
> >
> >
> >
> > ----------------------------------------------------------------------------------
> >
> > Da: Gordon Ross <gordon.w.ross@gmail.com>
> > A: illumos-developer <developer@lists.illumos.org>
> > Data: 6 febbraio 2024 1.12.14 CET
> > Oggetto: Re: [developer] dual share via cifs and nfs
> >
> > There are a few things you need for cross-protocol sharing:
> > 1: create the ZFS dataset with options: nbmand=on, casesensitivity=mixed
> > 2: make sure you have some SMB accounts (smbadm enable user, and/or
> > smbadm join ...)
> > 3: Set ownership and ACLs to something Windows-friendly
> >   (eg:  chmod A=everyone@:full_set:fd:allow /the/share/root
> >    and then set ACLs how you want via windows right click)
> > 4: setup idmap so that NFS will "see" something usable for UIDs and GIDs
> >
> > There are some more details about those steps in the SMB Admin guide:
> > https://dlc.openindiana.org/docs/20090715/SSMBAG/html/smboverview.html
> > Sorry that's a bit stale.  I have a somewhat updated version, but it's
> > not "up" yet.
> >
> > On Mon, Feb 5, 2024 at 2:51 AM Gabriele Bulfon via illumos-developer
> > <developer@lists.illumos.org> wrote:
> > >
> > > Hi, what are the correct settings for a zfs share to be visible both via cifs and nfs (cifs for smb users, nfs for a server)?
> > > I need to be sure both will be using the same user to access files, as the nfs client will be creating files for smb users and vice versa.
> > >
> > > Gabriele
> > >
> > >
> > > Sonicle S.r.l. : http://www.sonicle.com
> > > Music: http://www.gabrielebulfon.com
> > > eXoplanets : https://gabrielebulfon.bandcamp.com/album/exoplanets
> > >
> > > illumos / illumos-developer / see discussions + participants + delivery options Permalink
> >
> > illumos / illumos-developer / see discussions + participants + delivery options Permalink
>
> ------------------------------------------
> illumos: illumos-developer
> Permalink: https://illumos.topicbox.com/groups/developer/T853ccac866b92198-M244d4452165c1306e90450f2
> Delivery options: https://illumos.topicbox.com/groups/developer/subscription
>
> illumos / illumos-developer / see discussions + participants + delivery options Permalink

SMB Administration Guide (was: dual share via cifs and nfs)

[Gordon Ross]

There's now an updated version of the SMB Administration Guide here:
https://illumos.org/books/smb-admin/

Thanks to Robert Mustacchi and Josh Clulow for helping me get past
varioius obstacles so we could update it and post the new version.
Distributions might find this helpful.

There are quite a few things in the old guide that are no longer correct.
It's probably still not perfect, so if you have corrections or
improvements to suggest, please send them to me and/or the developers
list.

Thanks!

On Mon, Feb 5, 2024 at 7:12 PM Gordon Ross <gordon.w.ross@gmail.com> wrote:
>
> There are a few things you need for cross-protocol sharing:
> 1: create the ZFS dataset with options: nbmand=on, casesensitivity=mixed
> 2: make sure you have some SMB accounts (smbadm enable user, and/or
> smbadm join ...)
> 3: Set ownership and ACLs to something Windows-friendly
>   (eg:  chmod A=everyone@:full_set:fd:allow /the/share/root
>    and then set ACLs how you want via windows right click)
> 4: setup idmap so that NFS will "see" something usable for UIDs and GIDs
>
> There are some more details about those steps in the SMB Admin guide:
> https://dlc.openindiana.org/docs/20090715/SSMBAG/html/smboverview.html
> Sorry that's a bit stale.  I have a somewhat updated version, but it's
> not "up" yet.
>
> On Mon, Feb 5, 2024 at 2:51 AM Gabriele Bulfon via illumos-developer
> <developer@lists.illumos.org> wrote:
> >
> > Hi, what are the correct settings for a zfs share to be visible both via cifs and nfs (cifs for smb users, nfs for a server)?
> > I need to be sure both will be using the same user to access files, as the nfs client will be creating files for smb users and vice versa.
> >
> > Gabriele
> >
> >
> > Sonicle S.r.l. : http://www.sonicle.com
> > Music: http://www.gabrielebulfon.com
> > eXoplanets : https://gabrielebulfon.bandcamp.com/album/exoplanets
> >
> > illumos / illumos-developer / see discussions + participants + delivery options Permalink