ONTAP Discussions

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ONTAP Discussions

Ask a Question

Mixed Security Style and Multiprotocol Access

ERKANAKSOY
‎2014-11-20 01:21 AM
5,458 Views

Hello,

I have a mixed mode security style qtree and I have shared it via CIFS and exported with NFS.

From a Windows client I can access, modify and create files. It's working OK.

From a RedHat 6 server I can access, modify files but not create. Export settings are looking to be true, NFS client IP has R/W access. When I try to create a file following happens :

 

[root@servername mixed]# touch x
touch: cannot touch `x': Permission denied

 

Any ideas whats going wrong here?

Thanks

 

DataONTAP 8.2 7-Mode

0 Kudos
View By:
1 ACCEPTED SOLUTION

georgevj
NetApp
‎2014-11-20 03:24 AM
5,451 Views

Most probably because you do not have "write" permissions on the parent directory of "x".

This happens even for root because the effective security style of the volume would be NTFS at this time.

You can check this with the command " fsecurity show /vol/mixedvol" (substitute the appropriate volume name here)

 

The solution is to put correct name mapping in place via /etc/usermap.cfg.

Setting the option "cifs.nfs_root_ignore_acl" to "on"  may help for root user's access to the files.

 

You may also review the option "cifs.preserve_unix_security" and see if it applies here.

Check with "man options" for more details.

 

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.
Cannot find the answer you need? No need to open a support case - just CHAT and we’ll handle it for you.

View solution in original post

0 Kudos
1 REPLY 1

georgevj
NetApp
‎2014-11-20 03:24 AM
5,452 Views

Most probably because you do not have "write" permissions on the parent directory of "x".

This happens even for root because the effective security style of the volume would be NTFS at this time.

You can check this with the command " fsecurity show /vol/mixedvol" (substitute the appropriate volume name here)

 

The solution is to put correct name mapping in place via /etc/usermap.cfg.

Setting the option "cifs.nfs_root_ignore_acl" to "on"  may help for root user's access to the files.

 

You may also review the option "cifs.preserve_unix_security" and see if it applies here.

Check with "man options" for more details.

 

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.
Cannot find the answer you need? No need to open a support case - just CHAT and we’ll handle it for you.
0 Kudos
Announcements
All Community Forums
Public