NFSv3 of course doesn't support ZFS ACL's, but what will happen if I have the following setup?:
+-----------------------------------------+ +-------------+
| FreeBSD ZFS serv1 | NFSv3 | Linux serv2 |
| user1: read/write to /zfs/project1 | <--------- | user1 |
| user2: deny read/write to /zfs/project1 | | user2 |
+-----------------------------------------+ +-------------+
ZFS ACL's have been set on serv1 and serv2 mounts over NFSv3.
Question
I assume uers1
will be able to read/write as that is what NFSv3 world normally do.
But will user2
be denied?
Best Answer
Ben Rockwood (solaris guru) blogged about this in greater detail: NFS ZFS ACL's. The part that pertains to your question is a few sections down.
In short, it won't work. You need to upgrade to NFSv4 (eh), or use POSIX ACL's on a different FS (boo!).
I say "eh" about NFSv4 b/c I tried to figure it out a few times & failed. It seems to require a very homogenous environment centered around LDAP & Kerberos, which is actually great from a security standpoint, but a bummer if you just want to test stuff & don't have all those things. Hopefully you'll have better luck.