From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id E70ED1381F3 for ; Tue, 27 Aug 2013 19:54:23 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 76491E0F38; Tue, 27 Aug 2013 19:54:14 +0000 (UTC) Received: from mail-we0-f171.google.com (mail-we0-f171.google.com [74.125.82.171]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 48834E0E4E for ; Tue, 27 Aug 2013 19:54:13 +0000 (UTC) Received: by mail-we0-f171.google.com with SMTP id p57so4466200wes.30 for ; Tue, 27 Aug 2013 12:54:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=fBCWqmeXWqIC2BSRzt1Zmu5fgsuqB5fJ1nNLbqJKL3E=; b=CAch8Cly+MX27eMYZJ727QBmqmXXNMYh50tBP103dfGF9BxdSpjcNVu3Q9LyJvijii AZDBnrwvwLCMQeTm8hvBI/bLSB4ScY60+Pb/F/Fpskxo1g7hM/GRr8vvr8/91fBbO00/ M3CUZIg+vyDgRvLOBWhgGA0UMoc8bJr/OAi47QmdwCwBV8Zmcxx8mwnHh1d00phvQLH0 u+TlqmyDMHjXd8uQLHMl6dBONnnTjz2Dmpof0nCpGvqmkcc+9pMWX6/HT26brj9iHG2y rWZirlJlGtfWcI8eC9CDMOqLoJT/7rQoljrHll/WoCyR5r1BFbmppagAgY9ewSCs3jeW +iAA== X-Received: by 10.180.211.206 with SMTP id ne14mr12943878wic.30.1377633251929; Tue, 27 Aug 2013 12:54:11 -0700 (PDT) Received: from [172.20.0.41] (196-210-127-149.dynamic.isadsl.co.za. [196.210.127.149]) by mx.google.com with ESMTPSA id p3sm5862181wia.5.1969.12.31.16.00.00 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 27 Aug 2013 12:54:10 -0700 (PDT) Message-ID: <521D030C.4090400@gmail.com> Date: Tue, 27 Aug 2013 21:50:36 +0200 From: Alan McKinnon User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130809 Thunderbird/17.0.8 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Optional /usr merge in Gentoo References: <520A5446.1050001@mail.ru> <520DA782.4050803@sporkbox.us> <520F6333.70301@dmj.nu> <9716EEEB-144F-47AA-A828-FC9A508CE9FA@stellar.eclipse.co.uk> <521090F5.4090305@gmail.com> <521122CB.4010003@libertytrek.org> <521A7EE9.8000706@gmail.com> <521AF45C.1010206@gmail.com> <521C8F22.9060200@libertytrek.org> <521C90B2.3020805@gmail.com> <6056352e-a064-4add-bda9-153988a59b8e@email.android.com> In-Reply-To: <6056352e-a064-4add-bda9-153988a59b8e@email.android.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Archives-Salt: 97bbc546-fc53-4ba3-a327-95b065989fc0 X-Archives-Hash: 6e71686625fd66b0fef543cfdda11112 On 27/08/2013 21:24, joost@antarean.org wrote: > Alan McKinnon wrote: > > On 27/08/2013 13:36, Tanstaafl wrote: > > On 2013-08-26 2:23 AM, Alan McKinnon > wrote: > > I run it on my NASes, and the thing that really sold me was > what it lets > me as the admin do: > > I get all the benefits of directories with none of the > downsides. > I get all the benefits of mount points with none of the > downsides. > I get all the benefits of discrete filesystems with none of the > downsides. > > Like you say, a truly modern fs built for modern needs. > > > Are these home-built NAS's running FreeBSD (or maybe FreeNAS)? Or > TrueNAS or Nexenta boxes? > > I'm wondering what the best way would be to get something set up > for ZFS > file storage. I have some older servers that I can use, so was > leaning > toward FreeNAS... > > > > Mine are HP mini-servers (the cube shaped ones) with 4 SATA bays running > FreeNAS 8.0.something. > > Dunno if you've worked with FreeNAS before, but it's literally a case of > write the image to USB or flash storage and boot off it. Then play. > > You will need to be able to boot off a USB stick, CF card or similar, > FreeNAS uses an entire drive for it's system partition and it's a shame > to waste a whole high-capacity disk just for a 2G system image > > > > Alan. > > How is the security settings on the shares now? > > I had issues when accessing through NFS and CIFS simultaneously where > files written over NFS had to have the permissions altered before they > were accessible over CIFS. I've never run into this situation myself, my shares are either accessed via cfs or via nfs, but never both at the same time. The permissions issue is an artifact of how NFS works. Sun designed it to deliver entire filesystems over the network (most often /usr and-or /home) to trusted clients. "trusted" being the operative word. To get Unix permissions to work, the uid on the share and client have to match - that's why we also have NIS - but I've never seen NIS actually used anywhere, so UIDs tend to be a mix 'n match and almost always devolves into "full access" to get it to work. CIFS work different, it auths users by username and supports per-field access control. That's how that protocol works. There is no known way to fix NFS v2 & v3 in a mixed network and still stay sane. NFS v4 does a good job but it's not NFS v3 :-) it's common for NAS vendors to recommend you not try share the same files over CIFS and NFS, especially if write access is involced. > > Other issue I had was inability to have users only being able to access > files they were allowed to. With CIFS it sort of worked. But with NFS I > had full access to all files. > > That is the reason why I setup my NAS manually using Gentoo. > > -- > Joost > -- > Sent from my Android phone with K-9 Mail. Please excuse my brevity. -- Alan McKinnon alan.mckinnon@gmail.com