Video Screencast Help

Setting up Solaris ACLs on VxFS Mount-points

Created: 04 Jun 2014 • Updated: 12 Jun 2014 | 3 comments
This issue has been solved. See solution.

Hi All,

I'm having Solaris 10 3/05 Release on Sparc Machine which contains VxFS mount-points.

I tried to define default ACL permissions which can be set on directories to the mount-points also, but couldn't accomplish my task.

My requirement is to give read-only access to a list of users to the entire VxFS File system. Can we use Solaris based getfacl and setfacl to set read-only permission to the entire VxFS File system along with its directories,sub-directories and files.

All replies and suggestions are welcome. Response is highly appreciated.
 

Thanks,
Danish.

Operating Systems:

Comments 3 CommentsJump to latest comment

Gaurav Sangamnerkar's picture

Had a look at SF Admin guide for 6.0, from that I see

Access Control Lists
An Access Control List (ACL) stores a series of entries that identify specific users
or groups and their access privileges for a directory or file. A file may have its
own ACL or may share an ACL with other files. ACLs have the advantage of
specifying detailed access permissions for multiple users and groups. On Solaris
SPARC, ACLs are supported on cluster file systems.
See the getfacl(1) and setfacl(1) manual pages.

So yes, its supported on cluster filesystems, nothing mentioned though for non clustered vxfs filesystems

G

PS: If you are happy with the answer provided, please mark the post as solution. You can do so by clicking link "Mark as Solution" below the answer provided.
 

Gaurav Sangamnerkar's picture

SF 6.1 guide pretty much says same, nothing mentioned for standalone vxfs, only supported for clustered filesystems (CFS)

you can see it here

https://sort.symantec.com/public/documents/sfha/6....

G

PS: If you are happy with the answer provided, please mark the post as solution. You can do so by clicking link "Mark as Solution" below the answer provided.
 

mikebounds's picture

The 5.1 vxfs admin guide says:

The Version 4 disk layout supports Access Control Lists

This doesn't distinguish between whether you mount the file system from multiple nodes (CFS) or standalone.

I looked at 6.1 SF admin guide and I can't find a list of features that a vxfs filesystem supports as the guide only list new feaures introduced from version 6 onwards and doesn't mention standard features availble from layout verison 5 and earlier.  

So as ACL is still supported as pointed out by Gaurav in 6.0 (and in 6.1), I think the reference to "are supported on cluster file systems" just means that ACLS work on cluster file systems as well as when mounted standalone as I think there are some features of vxfs that are not supported on cfs. 

What issues are you experiencing - I would try and do what you want to acheive on ufs first to discount vxfs being the issue as the documention on ACL support for vxfs is poor.  My understanding of standard UNIX file permissions which I think also applies to ACLs is that to make a fileysystem read-only you need to set:
Readonly on all directories and subdirectories which prevent users creating new files
Readonly on all files to prevent users modifying files

i.e I don't think there is any single setting you can set to make a read-only filesystem other than to mount it readonly, but this makes it readonly for all users.

Mike

UK Symantec Consultant in VCS, GCO, SF, VVR, VxAT on Solaris, AIX, HP-ux, Linux & Windows

If this post has answered your question then please click on "Mark as solution" link below

SOLUTION