| Message ID | 20240311012425.156879-2-pc@manguebit.com |
|---|---|
| State | New |
| Headers | show |
| Series | [1/2] mount.cifs.rst: add missing reference for sssd | expand |
You can add my Reviewed-by: Steve French <stfrench@microsoft.com> On Sun, Mar 10, 2024 at 8:24 PM Paulo Alcantara <pc@manguebit.com> wrote: > > Update section about required xattr/acl support for UID/GID mapping. > > Signed-off-by: Paulo Alcantara (Red Hat) <pc@manguebit.com> > --- > mount.cifs.rst | 26 +++++++++++++++++++------- > 1 file changed, 19 insertions(+), 7 deletions(-) > > diff --git a/mount.cifs.rst b/mount.cifs.rst > index f0ddef97a0e8..bd39c165c130 100644 > --- a/mount.cifs.rst > +++ b/mount.cifs.rst > @@ -321,11 +321,12 @@ soft > noacl > Do not allow POSIX ACL operations even if server would support them. > > - The CIFS client can get and set POSIX ACLs (getfacl, setfacl) to Samba > - servers version 3.0.10 and later. Setting POSIX ACLs requires enabling > - both ``CIFS_XATTR`` and then ``CIFS_POSIX`` support in the CIFS > - configuration options when building the cifs module. POSIX ACL support > - can be disabled on a per mount basis by specifying ``noacl`` on mount. > + The CIFS client can get and set POSIX ACLs (getfacl, setfacl) to > + Samba servers version 3.0.10 and later. Setting POSIX ACLs requires > + enabling both ``CONFIG_CIFS_XATTR`` and then ``CONFIG_CIFS_POSIX`` > + support in the CIFS configuration options when building the cifs > + module. POSIX ACL support can be disabled on a per mount basis by > + specifying ``noacl`` on mount. > > cifsacl > This option is used to map CIFS/NTFS ACLs to/from Linux permission > @@ -750,8 +751,19 @@ bits, and POSIX ACL as user authentication model. This is the most > common authentication model for CIFS servers and is the one used by > Windows. > > -Support for this requires both CIFS_XATTR and CIFS_ACL support in the > -CIFS configuration options when building the cifs module. > +Support for this requires cifs kernel module built with both > +``CONFIG_CIFS_XATTR`` and ``CONFIG_CIFS_ACL`` options enabled. Since > +Linux 5.3, ``CONFIG_CIFS_ACL`` option no longer exists as CIFS/NTFS > +ACL support is always built into cifs kernel module. > + > +Most distribution kernels will already have those options enabled by > +default, but you can still check if they are enabled with:: > + > + cat /lib/modules/$(uname -r)/build/.config > + > +Alternatively, if kernel is configured with ``CONFIG_IKCONFIG_PROC``:: > + > + zcat /proc/config.gz > > A CIFS/NTFS ACL is mapped to file permission bits using an algorithm > specified in the following Microsoft TechNet document: > -- > 2.44.0 > >
diff --git a/mount.cifs.rst b/mount.cifs.rst index f0ddef97a0e8..bd39c165c130 100644 --- a/mount.cifs.rst +++ b/mount.cifs.rst @@ -321,11 +321,12 @@ soft noacl Do not allow POSIX ACL operations even if server would support them. - The CIFS client can get and set POSIX ACLs (getfacl, setfacl) to Samba - servers version 3.0.10 and later. Setting POSIX ACLs requires enabling - both ``CIFS_XATTR`` and then ``CIFS_POSIX`` support in the CIFS - configuration options when building the cifs module. POSIX ACL support - can be disabled on a per mount basis by specifying ``noacl`` on mount. + The CIFS client can get and set POSIX ACLs (getfacl, setfacl) to + Samba servers version 3.0.10 and later. Setting POSIX ACLs requires + enabling both ``CONFIG_CIFS_XATTR`` and then ``CONFIG_CIFS_POSIX`` + support in the CIFS configuration options when building the cifs + module. POSIX ACL support can be disabled on a per mount basis by + specifying ``noacl`` on mount. cifsacl This option is used to map CIFS/NTFS ACLs to/from Linux permission @@ -750,8 +751,19 @@ bits, and POSIX ACL as user authentication model. This is the most common authentication model for CIFS servers and is the one used by Windows. -Support for this requires both CIFS_XATTR and CIFS_ACL support in the -CIFS configuration options when building the cifs module. +Support for this requires cifs kernel module built with both +``CONFIG_CIFS_XATTR`` and ``CONFIG_CIFS_ACL`` options enabled. Since +Linux 5.3, ``CONFIG_CIFS_ACL`` option no longer exists as CIFS/NTFS +ACL support is always built into cifs kernel module. + +Most distribution kernels will already have those options enabled by +default, but you can still check if they are enabled with:: + + cat /lib/modules/$(uname -r)/build/.config + +Alternatively, if kernel is configured with ``CONFIG_IKCONFIG_PROC``:: + + zcat /proc/config.gz A CIFS/NTFS ACL is mapped to file permission bits using an algorithm specified in the following Microsoft TechNet document:
Update section about required xattr/acl support for UID/GID mapping. Signed-off-by: Paulo Alcantara (Red Hat) <pc@manguebit.com> --- mount.cifs.rst | 26 +++++++++++++++++++------- 1 file changed, 19 insertions(+), 7 deletions(-)