The two relevant parameters of the acedup property are described in the samba docs as follows: This parameter configures how Samba handles duplicate ACEs encountered in ZFS ACLs. ZFS allows/creates duplicate ACE for different bits for same ID.
- dontcare (default) - copy the ACEs as they come
- merge - bitwise OR the 2 ace.flag fields and 2 ace.mask fields of the 2 duplicate ACEs into 1 ACE
It looks like on FreeNAS, the default option is merge. At least, it shows up as that in testparm for me.
The possible issue with merge is that Windows is extremely fussy about ACL ordering. Suppose two ACEs of the same type (allow/deny) are set on a specific user or group, because one of these is set to inherit, and the other isn't. Windows needs implicit (inherited)/explicit ACEs ordered a specific way, but FreeBSD/ZFS/Samba just read them in index order. The criteria for merging ACEs are same user/group, and same type, from the docs. So the result of merging ACEs might be to "flatten" ACEs which Windows needs to find in a specific order in the list.
Example: ACEs as seen on server:
user:Andy:w::deny
user:Bob:w::allow
user:Andy:rx:d:allow
user:Bob:rx:d:allow
From the description, with acedup=merge it sounds like Samba might flatten the ACL, and present them to Windows in an order which (to Windows) is perhaps incorrect. Maybe not in this specific example, but perhaps in other cases.
Is it safer to set the option to dontcare, or are there reasons why I should have it set to merge?
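
A small model of the merge rule quoted above, applied to the four ACEs from the post. It is an added example, not part of the original post and not Samba's code. It assumes the merged ACE keeps the position of the first duplicate, which the quoted documentation does not specify; all function names are made up for the illustration.

```python
# Model of the documented acedup=merge rule only: ACEs with the same ID and
# the same type have their flags and masks OR-ed into one ACE.
from typing import NamedTuple

class Ace(NamedTuple):
    who: str           # e.g. "user:Andy"
    perms: frozenset   # permission letters (stand-in for ace.mask)
    flags: frozenset   # inheritance letters (stand-in for ace.flag)
    kind: str          # "allow" or "deny"

# The ACL exactly as listed in the post.
SAMPLE = ["user:Andy:w::deny", "user:Bob:w::allow",
          "user:Andy:rx:d:allow", "user:Bob:rx:d:allow"]

def parse_ace(text):
    tag, name, perms, flags, kind = text.split(":")
    return Ace(f"{tag}:{name}", frozenset(perms), frozenset(flags), kind)

def format_ace(ace):
    return ":".join([ace.who, "".join(sorted(ace.perms)),
                     "".join(sorted(ace.flags)), ace.kind])

def merge_duplicates(aces):
    merged = {}  # (who, kind) -> Ace; dict keeps first-seen order (assumption)
    for ace in aces:
        key = (ace.who, ace.kind)
        if key in merged:
            old = merged[key]
            merged[key] = old._replace(perms=old.perms | ace.perms,
                                       flags=old.flags | ace.flags)
        else:
            merged[key] = ace
    return list(merged.values())

def pairs(aces):
    # Every (who, kind, permission, flag) combination the ACL expresses.
    return {(a.who, a.kind, p, f) for a in aces for p in a.perms for f in a.flags}

def widened_by_merge(aces):
    # Permission/flag combinations that exist only after merging.
    return sorted(pairs(merge_duplicates(aces)) - pairs(aces))

if __name__ == "__main__":
    acl = [parse_ace(line) for line in SAMPLE]
    for ace in merge_duplicates(acl):
        print(format_ace(ace))
    print("gained by merge:", widened_by_merge(acl))
```

Under this model Bob's two allow entries collapse into one, so the w permission picks up the d flag it did not carry before, and the ACL shrinks from four entries to three.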