ZFS Folder Permissions (chmod) and ACL Settings on Nexenta

ZFS Folder Permissions (chmod)

The simplest way of setting up permissions is probably using ACL's with inheritance instead of UNIX-type access rights.

    Set unix permissions of shared folder to 755 or 777 (needed for guest access)
    Handle the whole thing via ACL, set it from Windows
    Remove default acl

/usr/sun/bin/chmod A- /pool/folder

Set ACL to new defaults:

Everyone can modify:

/usr/sun/bin/chmod A=everyone@:modify_set:file_inherit/dir_inherit:allow /pool/folder

Root has all rights:

/usr/sun/bin/chmod A+user:root:full_set:file_inherit/dir_inherit:allow /pool/folder

To make it more Windows-like:

zfs set aclinherit=passthrough /pool/folder
 

Set all other CiFS rights (acl only) within Windows - based on your Nexenta user or smb-groups (workgroup mode) or domain-user/groups (domain mode). ACL's are Windows-like. If you need guest access or share a folder via NFS (use NFS3 for a ESXi datastore), set ACL-permissions from Windows recursively to modify for everybody on your SMB + NFS shared folder.

You can also use the below command

/usr/sun/bin/chmod -R A=owner@:full_set:d:allow,\
owner@:full_set:f:allow,\
everyone@:rxaARWcs:d:allow,\
everyone@:raARWcs:f:allow \
$1

For Ready Reference, please visit the following from Oracle.

ZFS ACLs from Mark Shellenbaum's Weblog  - http://blogs.oracle.com/marks/entry/zfs_acls

Solaris ACL from the blog of Ben Rockwood -  http://cuddletech.com/blog/pivot/entry.php?id=939

Solaris ZFS Administration Guide Chapter 8 ACL Management - http://download.oracle.com/docs/cd/E19253-01/819-5461/