我在托管我们主目录的Ubuntu机器上运行ZFS.该池具有以下ACL设置:
- # zfs get all homes | grep acl
- homes aclinherit restricted default
- homes acltype off default
这里我有两个具有相同权限的常规文件:
- # getfacl 1.txt 2.txt
- # file: 1.txt
- # owner: usr
- # group: grp
- user::rw-
- group::r--
- other::r--
- # file: 2.txt
- # owner: usr
- # group: grp
- user::rw-
- group::r--
- other::r--
每天晚上我都会向Solaris 8上运行ZFS的计算机发送增量快照
- zfs send -i homes@$PREV_BACKUP homes@$CURRENT_BACKUP | \
- ssh solarishost zfs receive -vFd homes_backup
Solaris主机上的文件系统具有以下ACL设置:
- # zfs get all homes_backup | grep acl
- homes_backup aclmode passthrough local
- homes_backup aclinherit restricted default
当我在Solaris主机上检查快照中的文件时,我看到最近的一个(1.txt)没有设置任何ACL:
- # /usr/bin/ls -v 1.txt 2.txt
- -rw-r--r-- 1 2428 2000 2170 Oct 12 13:42 1.txt
- -rw-r--r-- 1 2428 2000 2146 May 31 2013 2.txt
- 0:owner@:execute:deny
- 1:owner@:read_data/write_data/append_data/write_xattr/write_attributes
- /write_acl/write_owner:allow
- 2:group@:write_data/append_data/execute:deny
- 3:group@:read_data:allow
- 4:everyone@:write_data/append_data/write_xattr/execute/write_attributes
- /write_acl/write_owner:deny
- 5:everyone@:read_data/read_xattr/read_attributes/read_acl/synchronize
- :allow
现在,当我在Ubuntu客户端上安装solarishost-snapshot时,我可以看到这些文件并且它们似乎具有相同的权限,但我无法读取1.txt:
- # cat 2.txt >/dev/null; echo $?
- 0
- # cat 1.txt >/dev/null; echo $?
- cat: 1.txt: Permission denied
- 1
再次,看起来与Ubuntu客户端相同:
- # getfacl 1.txt 2.txt
- # file: 1.txt
- # owner: usr
- # group: grp
- user::rw-
- group::r--
- mask::rwx
- other::r--
- # file: 2.txt
- # owner: usr
- # group: grp
- user::rw-
- group::r--
- mask::rwx
- other::r--
- # ls -l 1.txt 2.txt
- -rw-r--r--+ 1 usr grp 2.2K Oct 12 13:42 1.txt
- -rw-r--r--+ 1 usr grp 2.1K May 31 2013 2.txt
我现在的问题是:如何设置从Ubuntu到Solaris的快照创建,以便Solaris主机上的ACL允许用户安装快照并读取自己的文件?看起来所有最近备份的文件都会受到影响.
