diff options
| author | Björn Jacke <bj@sernet.de> | 2022-06-20 21:13:32 +0200 |
|---|---|---|
| committer | Christof Schmitt <cs@samba.org> | 2022-06-22 18:05:32 +0000 |
| commit | 7011573e13f246d5ed66ebfc47b08dd1fa0bfc14 (patch) | |
| tree | ad614280558ec38270fa2f81ca81b23ff44c3c2a /docs-xml/manpages | |
| parent | 994c262b883740c48ce1fe37eb262b009b9e971f (diff) | |
| download | samba-7011573e13f246d5ed66ebfc47b08dd1fa0bfc14.tar.gz | |
docs-xml: add nfs4.xml.include documenting the generic NFS4 ACL parameters
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Diffstat (limited to 'docs-xml/manpages')
| -rw-r--r-- | docs-xml/manpages/nfs4.xml.include | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/docs-xml/manpages/nfs4.xml.include b/docs-xml/manpages/nfs4.xml.include new file mode 100644 index 00000000000..29cad9eb95c --- /dev/null +++ b/docs-xml/manpages/nfs4.xml.include @@ -0,0 +1,57 @@ +<variablelist> + +<varlistentry> + <term>nfs4:mode = [ simple | special ]</term> + <listitem> + <para> + Controls substitution of special IDs (OWNER@ and GROUP@) on NFS4 ACLs. + The use of mode simple is recommended. + In this mode only non inheriting ACL entries for the file owner + and group are mapped to special IDs. + </para> + + <para>The following MODEs are understood by the module:</para> + <itemizedlist> + <listitem><para><command>simple(default)</command> - use OWNER@ and GROUP@ special IDs for non inheriting ACEs only.</para></listitem> + <listitem><para><command>special(deprecated)</command> - use OWNER@ and GROUP@ special IDs in ACEs for all file owner and group ACEs.</para></listitem> + </itemizedlist> + </listitem> + +</varlistentry> + +<varlistentry> + <term>nfs4:acedup = [dontcare|reject|ignore|merge]</term> + <listitem> + <para> + This parameter configures how Samba handles duplicate ACEs encountered in NFS4 ACLs. + They allow creating duplicate ACEs with different bits for same ID, which may confuse the Windows clients. + </para> + + <para>Following is the behaviour of Samba for different values :</para> + <itemizedlist> + <listitem><para><command>dontcare</command> - copy the ACEs as they come</para></listitem> + <listitem><para><command>reject (deprecated)</command> - stop operation and exit with error on ACL set op</para></listitem> + <listitem><para><command>ignore (deprecated)</command> - don't include the second matching ACE</para></listitem> + <listitem><para><command>merge (default)</command> - bitwise OR the 2 ace.flag fields and 2 ace.mask fields of the 2 duplicate ACEs into 1 ACE</para></listitem> + </itemizedlist> + </listitem> +</varlistentry> + + +<varlistentry> + <term>nfs4:chown = [yes|no]</term> + <listitem> + <para>This parameter allows enabling or disabling the chown supported + by the underlying filesystem. This parameter should be enabled with + care as it might leave your system insecure.</para> + <para>Some filesystems allow chown as a) giving b) stealing. It is the latter + that is considered a risk.</para> + <para>Following is the behaviour of Samba for different values : </para> + <itemizedlist> + <listitem><para><command>yes</command> - Enable chown if as supported by the under filesystem</para></listitem> + <listitem><para><command>no (default)</command> - Disable chown</para></listitem> + </itemizedlist> + </listitem> +</varlistentry> + +</variablelist> |