Sun Microsystems, Inc.  Sun System Handbook - ISO 3.4 June 2011 Internal/Partner Edition

Asset ID: 1-72-1009953.1
Update Date: 2011-05-11

Solution Type  Problem Resolution Sure

Solution 1009953.1: Changing Windows object permissions for objects stored on UNIX[R] exports


Related Items
  • Sun Storage 5210 NAS Appliance
  • Sun Storage 5220 NAS Appliance
  • Sun Storage 5310 NAS Appliance
  • Sun Storage 5320 NAS Gateway/Cluster System
  • Sun Storage 5320 NAS Appliance
  • Sun Storage 5310 NAS Gateway System

Related Categories
  • GCS>Sun Microsystems>Storage - Disk>Network Attached Storage

Previously Published As
213637


Symptoms

Windows objects such as files or folders created on an export accessible via a UNIX client cannot have their permissions changed from the UNIX[R] client or NAS head.



Resolution

A NAS volume and directory structure exists, and the directory is exposed as both a Windows share and a UNIX export.

Scenario 1:
-----------
Create a Windows object (directory or file) on the share mounted to a Windows client. Then move to a UNIX client that has access to the export above and run commands such as chmod, chown, and chgrp against the newly created Windows object. The following error is generated:

 # chmod 775 TEST2
chmod: WARNING: can't change TEST2

Scenario 2:
-----------
Create a Windows object (directory or file) on the share mounted to a Windows client. From the NAS CLI administration interface, or from a UNIX client, run commands such as chmod, chown, and chgrp against the newly created Windows object. The following error is generated:

 NAS> chmod 775 users/garcias/TEST2
[DEBUG] mode: 0775
Vol1/TEST2: EPERM Operation not permitted

By default, UNIX users are prevented from manipulating the CIFS security descriptor, which means that the attributes of a Windows object cannot be changed using NFS.

However, this behavior is configurable. If the above ACL protection is disabled, UNIX commands such as chown, chgrp, and chmod are permitted. If the attributes of a Windows object are modified using NFS, the Windows security descriptor will be deleted and the object will become a UNIX object.

  • To disable ACL protection on a NAS system running operating system 4.21 or newer, enter the following command at the CLI:
 fsctl acl protect off

In this case, no reboot is required.

  • To disable ACL protection on a NAS system running operating system 4.20 or older, enter the following commands at the CLI:
 set acl.overwrite.allowed
 savevars

In this case, a reboot is required.

See the Sun StorageTek[TM] NAS OS Administration Guide for additional information regarding the default volume behavior, the Windows security descriptor, and the acl.overwrite.allowed environment variable. If this is a customer system, be very careful to ensure that the deletion of ACL information when modifying security from UNIX clients is acceptable to the customer.



Product
Sun StorageTek 5320 NAS Gateway/Cluster System
Sun StorageTek 5320 NAS Appliance
Sun StorageTek 5320
Sun StorageTek 5310 NAS Gateway/Cluster System
Sun StorageTek 5310 NAS Gateway System
Sun StorageTek 5310 NAS Appliance
Sun StorageTek 5220 NAS Appliance
Sun StorageTek 5220
Sun StorageTek 5210 NAS Appliance

NAS, 5210, 5310, 5320, Permission, Windows object
Previously Published As
89939

Change History

Date: 2007-07-05
User Name: 97961
Action: Approved
Comment: - Audience changed to "Contract" per FvF http://kmo.central/howto/FvF.html
Also refer to: http://kmo.central/howto/content/voyager-contributor-standards.html
- Applied trademarking where it is missing
Version: 3

Date: 2007-07-05
User Name: 97961
Action: Accept
Comment:
Version: 0

Date: 2007-07-05
User Name: 160775
Action: Approved
Comment: Reviewed/Edited for accuracy.
Version: 0

Date: 2007-07-05
User Name: 160775
Action: Add Comment
Comment: Cleaned up, added emphasis and warnings about ACL deletion, updated commands to 4.21 versions, added reboot step to pre-4.21 instructions.
Version: 0

Date: 2007-06-25
User Name: 160775
Action: Accept
Comment:
Version: 0

Date: 2007-06-25
User Name: 119902
Action: Approved
Comment: Please review for technical accuracy
Version: 0

Date: 2007-06-25
User Name: 119902
Action: Created
Comment:
Version: 0

Attachments
This solution has no attachment
  Copyright © 2011 Sun Microsystems, Inc.  All rights reserved.