Skip to ContentSkip to Footer
Start of content
- Community Home
- >
- Servers and Operating Systems
- >
- Operating System - OpenVMS
- >
- CIFS 1.1 ECO 1 PS006 default file permissions issu...
Operating System - OpenVMS
-
-
Forums
- Products
- Servers and Operating Systems
- Storage
- Software
- Services
- HPE GreenLake
- Company
- Events
- Webinars
- Partner Solutions and Certifications
- Local Language
- China - 简体中文
- Japan - 日本語
- Korea - 한국어
- Taiwan - 繁體中文
-
- Advancing Life & Work
- Advantage EX
- Alliances
- Around the Storage Block
- HPE Ezmeral: Uncut
- OEM Solutions
- Servers & Systems: The Right Compute
- Tech Insights
- The Cloud Experience Everywhere
- HPE Blog, Austria, Germany & Switzerland
- Blog HPE, France
- HPE Blog, Italy
- HPE Blog, Japan
- HPE Blog, Middle East
- HPE Blog, Latin America
- HPE Blog, Russia
- HPE Blog, Saudi Arabia
- HPE Blog, South Africa
- HPE Blog, UK & Ireland
- HPE Blog, Poland
-
Blogs
- Advancing Life & Work
- Advantage EX
- Alliances
- Around the Storage Block
- HPE Blog, Latin America
- HPE Blog, Middle East
- HPE Blog, Saudi Arabia
- HPE Blog, South Africa
- HPE Blog, UK & Ireland
- HPE Ezmeral: Uncut
- OEM Solutions
- Servers & Systems: The Right Compute
- Tech Insights
- The Cloud Experience Everywhere
-
Information
- Community
- Welcome
- Getting Started
- FAQ
- Ranking Overview
- Rules of Participation
- Tips and Tricks
- Resources
- Announcements
- Email us
- Feedback
- Information Libraries
- Integrated Systems
- Networking
- Servers
- Storage
- Other HPE Sites
- Support Center
- Aruba Airheads Community
- Enterprise.nxt
- HPE Dev Community
- Cloud28+ Community
- Marketplace
-
Forums
-
Forums
-
Blogs
-
Information
-
English
Go to solution
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
06-01-2009 09:44 AM
06-01-2009 09:44 AM
Since upgrading to ECO1 PS006, we are encountering problems successfully
deleting or renaming files on CIFS shares. This is apparently due to PS006 enforcing
permission defaults unenforced by prior patch levels (PS002 specifically).
We would like to be able to create files from the Windows side
of a CIFS share that have the G:D OpenVMS permission enabled.
(Presuming that is the issue).
CIFS 1.1 ECO 1 PS006 release notes mention:
8. Allow ability to correctly set DELETE permission for owner/group/world
protection from Windows.
Alas, it does not mention the "knob" for controlling this behaviour
(presumably as an SMB.CONF parameter).
deleting or renaming files on CIFS shares. This is apparently due to PS006 enforcing
permission defaults unenforced by prior patch levels (PS002 specifically).
We would like to be able to create files from the Windows side
of a CIFS share that have the G:D OpenVMS permission enabled.
(Presuming that is the issue).
CIFS 1.1 ECO 1 PS006 release notes mention:
8. Allow ability to correctly set DELETE permission for owner/group/world
protection from Windows.
Alas, it does not mention the "knob" for controlling this behaviour
(presumably as an SMB.CONF parameter).
Solved! Go to Solution.
1 REPLY 1
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
06-01-2009 10:11 PM
06-01-2009 10:11 PM
Solution
Hi Rodman,
We were running CIFS V1.1 with a few problems but all under control. We then installed ECO1 and it would be difficult to say this was a positive move.
Last week I installed PS006 and most of our problems have been fixed, but we did notice that there were a few issues with file protections.
CIFS engineering reckon that a directory with a DEFAULT_PROTECTION ACE will ensure that files created by Windows clients will get the desired protection, but our experience is that this is not correct. Instead we're using an ACE of the form
(IDENTIFER=*,OPTIONS=DEFAULT,ACCESS=...)
which does what we need. (We used to have them all over the place, but ECO1 couldn't cope with them and we put the DEFAULT_PROTECTION ACEs on instead. Now PS006 doesn't seem to respect *them*!)
They also said we suggested we could use a combination of 'force create mode' and 'force security mode' to ensure created files get the desired protection. This seems to be working well for our [homes] shares.
Note that one of the significant changes introduced in PS006 concerns DELETE access to files. Previously, the 'create mode' setting (and variants thereof) tied DELETE access to the 'WRITE' bit, i.e. if you enable WRITE access you also enabled DELETE access. In PS006 they've separated the two, and you have to specify DELETE access separately. The 'create mode' setting now has this signficance:
create mode = 0dogw
where
'd' = DELETE access (see below)
'o' = OWNER access
'g' = GROUP access
'w' = WORLD access
The DELETE access is a bitmask with the following values:
4 = OWNER can delete
2 = GROUP can delete
1 = WORLD can delete
So if you want (S:RWED,O:RWED,G:R,W:R) you would set
create mode = 04744
We also noticed that sometimes the protection assigned to a file was not quite as intended, and in some cases would 'flip' between two states each time a file was saved. We have since learned that a bug has been discovered in the processing of the mask values, and that this should be fixed in PS007.
Regards,
Jeremy Begg
We were running CIFS V1.1 with a few problems but all under control. We then installed ECO1 and it would be difficult to say this was a positive move.
Last week I installed PS006 and most of our problems have been fixed, but we did notice that there were a few issues with file protections.
CIFS engineering reckon that a directory with a DEFAULT_PROTECTION ACE will ensure that files created by Windows clients will get the desired protection, but our experience is that this is not correct. Instead we're using an ACE of the form
(IDENTIFER=*,OPTIONS=DEFAULT,ACCESS=...)
which does what we need. (We used to have them all over the place, but ECO1 couldn't cope with them and we put the DEFAULT_PROTECTION ACEs on instead. Now PS006 doesn't seem to respect *them*!)
They also said we suggested we could use a combination of 'force create mode' and 'force security mode' to ensure created files get the desired protection. This seems to be working well for our [homes] shares.
Note that one of the significant changes introduced in PS006 concerns DELETE access to files. Previously, the 'create mode' setting (and variants thereof) tied DELETE access to the 'WRITE' bit, i.e. if you enable WRITE access you also enabled DELETE access. In PS006 they've separated the two, and you have to specify DELETE access separately. The 'create mode' setting now has this signficance:
create mode = 0dogw
where
'd' = DELETE access (see below)
'o' = OWNER access
'g' = GROUP access
'w' = WORLD access
The DELETE access is a bitmask with the following values:
4 = OWNER can delete
2 = GROUP can delete
1 = WORLD can delete
So if you want (S:RWED,O:RWED,G:R,W:R) you would set
create mode = 04744
We also noticed that sometimes the protection assigned to a file was not quite as intended, and in some cases would 'flip' between two states each time a file was saved. We have since learned that a bug has been discovered in the processing of the mask values, and that this should be fixed in PS007.
Regards,
Jeremy Begg
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
End of content
United States
Hewlett Packard Enterprise International
Communities
- Communities
- HPE Blogs and Forum
© Copyright 2022 Hewlett Packard Enterprise Development LP