No acl on nfs mount in linux?
I have several RHEL6 machines. One is exporting an nfs mount to the rest. I have ACL's set on the server (set using setfacl -m
), but none of the clients are seeing any of them.
Here is my export on server1:
/myexport server2.example.com(rw,async,no_root_squash)
Here is my fstab on server2:
server1.example.com:/myexport /mnt nfs4 noatime,async,lock 0 0
I have tried adding acl to my fstab mount options with no luck. Anyone know why I cannot see the ACL's on the client?
The ACL are used and active over NFS. Use the command nfs4_getfacl
to show the ACL on an NFSv4 mount:
$ nfs4_getfacl /tmp/test
A::OWNER@:rwatTnNcCy
A::[email protected]:rxtncy
A::[email protected]:rwadtTnNcCy
A:g:GROUP@:rtncy
D:g:GROUP@:waxTC
A::EVERYONE@:rtncy
D::EVERYONE@:waxTC
The reason why the ACL look so different compared to Linux ACL? Because NFSv4 ACL and Linux ACL acl(5) are completely different standard ! The Linux NFS server will translate the ACL back and forth.
It's very unfortunate that linux ls
don't show +
for file with NFSv ACL on the client.. that's misleading.
To use POSIX ACLs with NFS, you had to use NFSv3.
NFSv4 ACLs are way different that POSIX ACLs. The first one are set using the very specific nfs4_getacl and nfs4_setacl, while the latter are configured with the standard getfacl/setfacl binaries. In short, NFSv4 ACLs have nothing to do with POSIX ACLs (NFSv4 acls are much closer to the CIFS ACLs used in Windows environment, by the way).