ACLs on shares
ACL on shares was introduced by Windows to restrict access independently and additionally to
permissions on files and folders, mainly to restrict access without the need to modify file attributes.
On Solaris, a share control file is used that is created when you enable a share.
ex if you enabler a SMB share share tank/userdata, you find the share control file as
/tank/userdata/.zfs/shares/userdata
You can set share level ACL via napp-it/ ACL extension, or remotely via Windows server management
(You must connect a share/ server management as a user that is a member of the SMB admin group.)
examples:
File ACL:
full access
Share ACL:
readonly
real permission: readonly
File ACL:
readonly
Share ACL:
full
real permission: readonly
File ACL:
full
Share ACL:
user: paul=full
real permission: paul= full, no other user allowed
The default share-level ACL is: full access
(only file attributes are relevant)
Modifications on share level ACL require that you disable/enable a share
or restart the SMB service to take effect.
Содержание ZFS Storage
Страница 8: ...3 1 ZFS Configurations...
Страница 45: ...Example Map Chenbro 50 x 3 5 Bay...