diff options
Diffstat (limited to '')
-rw-r--r-- | docs-xml/manpages/vfs_nfs4acl_xattr.8.xml | 172 |
1 files changed, 172 insertions, 0 deletions
diff --git a/docs-xml/manpages/vfs_nfs4acl_xattr.8.xml b/docs-xml/manpages/vfs_nfs4acl_xattr.8.xml new file mode 100644 index 0000000..d4ce40b --- /dev/null +++ b/docs-xml/manpages/vfs_nfs4acl_xattr.8.xml @@ -0,0 +1,172 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc"> +<ns:Root xmlns:xi="http://www.w3.org/2003/XInclude" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:ns="urn:TestNamespace"> +<refentry id="vfs_nfs4acl_xattr.8"> + + <refmeta> + <refentrytitle>vfs_nfs4acl_xattr</refentrytitle> + <manvolnum>8</manvolnum> + <refmiscinfo class="source">Samba</refmiscinfo> + <refmiscinfo class="manual">System Administration tools</refmiscinfo> + <refmiscinfo class="version">&doc.version;</refmiscinfo> + </refmeta> + + + <refnamediv> + <refname>vfs_nfs4acl_xattr</refname> + <refpurpose>Save NTFS-ACLs as NFS4 encoded blobs in extended + attributes</refpurpose> + </refnamediv> + + <refsynopsisdiv> + <cmdsynopsis> + <command>vfs objects = nfs4acl_xattr</command> + </cmdsynopsis> + </refsynopsisdiv> + + <refsect1> + <title>DESCRIPTION</title> + + <para>This VFS module is part of the + <citerefentry><refentrytitle>samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para>The <command>vfs_acl_xattr</command> VFS module stores NTFS Access + Control Lists (ACLs) in Extended Attributes (EAs/xattrs). This enables the + full mapping of Windows ACLs on Samba servers. + </para> + + <para>This module is stackable.</para> + </refsect1> + + + <refsect1> + <title>OPTIONS</title> + + <xi:include href="nfs4.xml.include" xpointer="xpointer(*/*)" /> + + <variablelist> + + <varlistentry> + <term>nfs4acl_xattr:encoding = [nfs|ndr|xdr]</term> + <listitem> + <para>This parameter configures the marshaling format used in the ACL + blob and the default extended attribute name used to store the blob. + </para> + + <para>When set to <emphasis>nfs</emphasis> - fetch and store the NT + ACL in NFS 4.0 or 4.1 compatible XDR encoding. By default this uses + the extended attribute "system.nfs4_acl". This setting also + disables <emphasis>validate_mode</emphasis>.</para> + + <para>When set to <emphasis>ndr (default)</emphasis> - store the NT + ACL with POSIX draft NFSv4 compatible NDR encoding. By default this + uses the extended attribute "security.nfs4acl_ndr".</para> + + <para>When set to <emphasis>xdr</emphasis> - store the NT ACL in a + format similar to NFS 4.1 RFC 5661 in XDR encoding. The main + differences to RFC 5661 are the use of ids instead of strings as users + and group identifiers and an additional attribute per nfsace4. By + default this encoding stores the blob in the extended attribute + "security.nfs4acl_xdr".</para> + </listitem> + </varlistentry> + + <varlistentry> + <term>nfs4acl_xattr:version = [40|41]</term> + <listitem> + <para>This parameter configures the NFS4 ACL level. Only + <emphasis>41</emphasis> fully supports mapping NT ACLs and should be + used. The default is <emphasis>41</emphasis>.</para> + </listitem> + </varlistentry> + + <varlistentry> + <term>nfs4acl_xattr:default acl style = [posix|windows|everyone]</term> + <listitem> + <para>This parameter determines the type of ACL that is synthesized in + case a file or directory lacks an ACL extended attribute.</para> + + <para>When set to <emphasis>posix</emphasis>, an ACL will be + synthesized based on the POSIX mode permissions for user, group and + others, with an additional ACE for <emphasis>NT + Authority\SYSTEM</emphasis> will full rights.</para> + + <para>When set to <emphasis>windows</emphasis>, an ACL is synthesized + the same way Windows does it, only including permissions for the owner + and <emphasis>NT Authority\SYSTEM</emphasis>.</para> + + <para>When set to <emphasis>everyone</emphasis>, an ACL is synthesized + giving full permissions to everyone (S-1-1-0).</para> + + <para>The default for this option is + <emphasis>everyone</emphasis>.</para> + </listitem> + </varlistentry> + + <varlistentry> + <term>nfs4acl_xattr:xattr_name = STRING</term> + <listitem> + <para>This parameter configures the extended attribute name used to + store the marshaled ACL.</para> + <para>The default depends on the setting for + <emphasis>nfs4acl_xattr:encoding</emphasis>.</para> + </listitem> + </varlistentry> + + <varlistentry> + <term>nfs4acl_xattr:nfs4_id_numeric = yes|no (default: no)</term> + <listitem> + <para>This parameter tells the module how the NFS4 server encodes user + and group identifiers on the network. With the default setting the + module expects identifiers encoded as per the NFS4 RFC as + user@domain.</para> + <para>When set to <emphasis>yes</emphasis>, the module expects the + identifiers as numeric string.</para> + <para>The default for this options<emphasis>no</emphasis>.</para> + </listitem> + </varlistentry> + + <varlistentry> + <term>nfs4acl_xattr:validate_mode = yes|no</term> + <listitem> + <para>This parameter configures whether the module enforces the POSIX + mode is set to 0777 for directories and 0666 for files. If this + constrained is not met, the xattr with the ACL blob is + discarded.</para> + <para>The default depends on the setting for + <emphasis>nfs4acl_xattr:encoding</emphasis>: when set to + <emphasis>nfs</emphasis> this setting is disabled by default, + otherwise it is enabled.</para> + </listitem> + </varlistentry> + + </variablelist> + </refsect1> + + <refsect1> + <title>EXAMPLES</title> + + <para>A directory can be exported via Samba using this module as + follows:</para> + + <programlisting> + <smbconfsection name="[samba_gpfs_share]"/> + <smbconfoption name="vfs objects">nfs4acl_xattr</smbconfoption> + <smbconfoption name="path">/foo/bar</smbconfoption> + </programlisting> + </refsect1> + + <refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + </refsect1> + +</refentry> +</ns:Root> |