cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

Setting up Solaris ACLs on VxFS Mount-points

Go to solution
M_Danish
Level 3

‎06-04-2014 07:36 AM

Hi All,

I'm having Solaris 10 3/05 Release on Sparc Machine which contains VxFS mount-points.

I tried to define default ACL permissions which can be set on directories to the mount-points also, but couldn't accomplish my task.

 

My requirement is to give read-only access to a list of users to the entire VxFS File system. Can we use Solaris based getfacl and setfacl to set read-only permission to the entire VxFS File system along with its directories,sub-directories and files.

 

All replies and suggestions are welcome. Response is highly appreciated.
 

Thanks,
Danish.

 

 

 

1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
mikebounds
Level 6
Partner Accredited

‎06-04-2014 09:20 AM

The 5.1 vxfs admin guide says:

The Version 4 disk layout supports Access Control Lists

This doesn't distinguish between whether you mount the file system from multiple nodes (CFS) or standalone.

I looked at 6.1 SF admin guide and I can't find a list of features that a vxfs filesystem supports as the guide only list new feaures introduced from version 6 onwards and doesn't mention standard features availble from layout verison 5 and earlier.  

So as ACL is still supported as pointed out by Gaurav in 6.0 (and in 6.1), I think the reference to "are supported on cluster file systems" just means that ACLS work on cluster file systems as well as when mounted standalone as I think there are some features of vxfs that are not supported on cfs. 

What issues are you experiencing - I would try and do what you want to acheive on ufs first to discount vxfs being the issue as the documention on ACL support for vxfs is poor.  My understanding of standard UNIX file permissions which I think also applies to ACLs is that to make a fileysystem read-only you need to set:
Readonly on all directories and subdirectories which prevent users creating new files
Readonly on all files to prevent users modifying files

i.e I don't think there is any single setting you can set to make a read-only filesystem other than to mount it readonly, but this makes it readonly for all users.

Mike

View solution in original post

0 Kudos
3 REPLIES 3

Go to solution
Gaurav_S
Moderator
Moderator
   VIP    Certified

‎06-04-2014 08:34 AM

Had a look at SF Admin guide for 6.0, from that I see

Access Control Lists
An Access Control List (ACL) stores a series of entries that identify specific users
or groups and their access privileges for a directory or file. A file may have its
own ACL or may share an ACL with other files. ACLs have the advantage of
specifying detailed access permissions for multiple users and groups. On Solaris
SPARC, ACLs are supported on cluster file systems.
See the getfacl(1) and setfacl(1) manual pages.

 

So yes, its supported on cluster filesystems, nothing mentioned though for non clustered vxfs filesystems

 

G

0 Kudos

Go to solution
Gaurav_S
Moderator
Moderator
   VIP    Certified

‎06-04-2014 08:37 AM

SF 6.1 guide pretty much says same, nothing mentioned for standalone vxfs, only supported for clustered filesystems (CFS)

you can see it here

https://sort.symantec.com/public/documents/sfha/6.1/solaris/productguides/html/sf_admin/ch04s01.htm

 

G

0 Kudos

Go to solution
mikebounds
Level 6
Partner Accredited

‎06-04-2014 09:20 AM

The 5.1 vxfs admin guide says:

The Version 4 disk layout supports Access Control Lists

This doesn't distinguish between whether you mount the file system from multiple nodes (CFS) or standalone.

I looked at 6.1 SF admin guide and I can't find a list of features that a vxfs filesystem supports as the guide only list new feaures introduced from version 6 onwards and doesn't mention standard features availble from layout verison 5 and earlier.  

So as ACL is still supported as pointed out by Gaurav in 6.0 (and in 6.1), I think the reference to "are supported on cluster file systems" just means that ACLS work on cluster file systems as well as when mounted standalone as I think there are some features of vxfs that are not supported on cfs. 

What issues are you experiencing - I would try and do what you want to acheive on ufs first to discount vxfs being the issue as the documention on ACL support for vxfs is poor.  My understanding of standard UNIX file permissions which I think also applies to ACLs is that to make a fileysystem read-only you need to set:
Readonly on all directories and subdirectories which prevent users creating new files
Readonly on all files to prevent users modifying files

i.e I don't think there is any single setting you can set to make a read-only filesystem other than to mount it readonly, but this makes it readonly for all users.

Mike

0 Kudos