View previous topic :: View next topic |
Author |
Message |
manu_leo Guru
Joined: 20 Jan 2014 Posts: 513 Location: India
|
Posted: Wed Oct 31, 2018 9:16 am Post subject: Setfacl not working as expected |
|
|
Hi Everyone, I have a NFS Server-Client setup where I am trying to use setfacl on Client end to restrict who all remote users can write to the disk of the nfs server.
NFS_Server - 192.168.100.1
NFS_Client - 192.168.100.10
User - harry
So here is what I have -
1. In the kernel I have ext4 acl support enabled
Quote: | # grep -i acl /boot/config*
CONFIG_EXT4_FS_POSIX_ACL=y
# CONFIG_XFS_POSIX_ACL is not set
CONFIG_FS_POSIX_ACL=y
CONFIG_TMPFS_POSIX_ACL=y
CONFIG_NFS_V3_ACL=y
# CONFIG_NFSD_V3_ACL is not set
CONFIG_NFS_ACL_SUPPORT=y |
2. I have mounted the drives using acl option as below -
Quote: | mount -o acl /dev/sdb1 /home/test |
3. vim /etc/exports
Quote: | /home/test 192.168.100.10/32(no_root_squash,rw,sync,no_subtree_check) |
4. exportfs -a
ON NFS_CLIENT -
1. I mount the NFS_SERVER as below -
Quote: | mount 192.168.100.1:/home/test /home/test |
ls -ld /home/test
Quote: | drwxrwxr-x 6 root root 4096 Oct 31 14:29 /home/test |
Now when I run setfacl on the NFS_CLIENT as below -
setfacl -m u:harry:rwx /home/test
Quote: | setfacl: /home/test: Operation not supported |
here is where I get the Operation not supported. How to come over this issue - NFS_CLIENT has rw permission on the NFS_Server. I am getting this on few servers now.
Appreciate all your help and thanks in advance. |
|
Back to top |
|
|
gerdesj l33t
Joined: 29 Sep 2005 Posts: 621 Location: Yeovil, Somerset, UK
|
Posted: Sun Dec 02, 2018 12:57 am Post subject: Re: Setfacl not working as expected |
|
|
I may be missing the point but I think you should be running setfacl on the server itself in this case because the ACL you are amending is the root of the mountpoint and a client should not be able to give itself rights it doesn't have already (a chicken and egg scenario).
Cheers
Jon |
|
Back to top |
|
|
mike155 Advocate
Joined: 17 Sep 2010 Posts: 4438 Location: Frankfurt, Germany
|
Posted: Sun Dec 02, 2018 1:21 am Post subject: |
|
|
Quote: | On the server:
# CONFIG_NFSD_V3_ACL is not set
|
Why is CONFIG_NFSD_V3_ACL disabled on the server? If you want to use ACLs over NFSv3, this option must be enabled. |
|
Back to top |
|
|
|