After setting up ZFS, I need to set up network shares and connect them to our home computers.
I originally chose NFS because of its simplicity to set up.
zfs set sharenfs=on tank/Media zfs set sharenfs=on tank/twiddle zfs set sharenfs=on tank/backups
That’s it for the OpenSolaris side of things. The only thing left to do is connect these NFS shares to my Mac. This is a simple task. Although I could mount them like any other server, I instead chose to use the automount facility provided by Directory Services (Note: this feature has changed in Snow Leopard). This way, the share is mounted when it is needed—a helpful tool when I am using a share for my iTunes music.
One big disadvantage of NFS, though, is that it shares based on user id. That is, user id number 1000 on the client will connect as user id 1000 on the NFS server. The practical implications of this is that each client computer should have unique user ids. Unfortunately, without a common user management system like NIS or LDAP, managing unique users across independent clients very quickly becomes tedious.
One alternative to NFS is to use CIFS/SMB. CIFS/SMB is normally used to make shares accessible to Windows computers, but it can also be used when one needs to maintain separate user accounts on server and client machines. In my case, I have two OS X computers, each with the primary user account #501. In this case, I can set up two user accounts on the file server and use SMB to access them from the Macs.
Setting up CIFS/SMB is not terribly complicated, but it does require installing a couple of packages.
pkg install SUNWsmbs SUNWsmbskr
Next, enable the smb server:
svcadm enable -r network/smb/server
And finally, set the ZFS mount to use smb:
zfs sharesmb=name=Media tank/Media zfs sharesmb=name=twiddle tank/twiddle
At this point I could connect to the shares from my Mac via SMB, but I noticed that newly created files had no permissions. The solution was to set up ACLs on the file server.
/bin/chmod -R A=owner@:full_set:d:allow,\ owner@:full_set:f:allow,\ everyone@:rxaARWcs:d:allow,\ everyone@:raARWcs:f:allow \ /tank/Media /tank/twiddle
This simply sets an ACL that allows the owner full access and gives read access to everyone else. Note that this command uses /bin/chmod, and not the OpenSolaris default of /usr/gnu/bin/chmod. For more details on ACLs, see the excellent posts at Daz’s bits and bobs.
On the file server, I have two users (
karen_remote), both members of the same group (remote), that I use for SMB sharing. I changed the ownership and group of the files that are shared on the file server, and I can now connect from the Macs with no problem. Thinking longer term, the SMB shares have the further advantage of still being usable as computers are added or replaced. The key is just the user id and password.
Note: I did have some problems getting smb to start after a reboot. The code below fixed it.
# svcadm disable network/smb/server # rem_drv smbsrv Invalid argument Cannot remove major number binding for 260 # add_drv smbsrv # svcadm enable -r network/smb/server # svcs | grep smb online 20:59:18 svc:/network/smb/server:default #
This work is licensed under a Creative Commons Attribution 3.0 Unported License.
The thoughts expressed here are my own and do not necessarily represent those of my employer.