ACL on the Solaris

we have two Solaris 10 servers with same configuration and settings. We have hard mounted the NFS with the version 4.
In one of the server the newer ACL commands are working fine ( chmod and ls -v ) whereas in another only posix ( getfacl and setfacl alone is working) when we try ls -V in in that server. the error displays as invalid option. Please advise on how to enable to newer ACL format in that server

are you sure they are the same level patch level?

are they both using UFS or ZFS? or a mix?

If you attempt to set an NFSv4-style ACL on a UFS file, you see a message similar to the following:

chmod: ERROR: ACL type's are different
If you attempt to set a POSIX-style ACL on a ZFS file, you will see messages similar to the following:

# getfacl filea

File system doesn't support aclent_t style ACL's.
See acl(5) for more information on Solaris ACL support.

source:Solaris ACL Model - Oracle Solaris ZFS Administration Guide

ls: invalid option -- 'V'
Try `ls --help' for more information. 

This is what I am getting as error in one of the server, same is working fine in another one.

we did the same kind of hard mount in both the servers

moutn -F nfs -o vers=4 server:/path /path

are you sure they are on the same patch level?

have you tried to do a man on ls to see if -V is actually an option.

can you let me know how to check the patch level, uname -a shows the same results.

in one of the server

man ls
getcwd: I/O error

ls --help doesnt reveal anything related to ACL

and in another one, man ls is working and it shows the ACL options

is this Sparc? or X86?

are you using BE/ABE to patch?

$ uname -a
SunOS ftvlssdedw04 5.10 Generic_148888-05 sun4v sparc sun4v

**above one working fine

uname -a
SunOS cidcsebubldp01 5.10 Generic_150400-10 sun4v sparc sun4v Solaris

those are your patch levels. The one that is NOT working is on a newer patch cycle. But it's still relatively old..

as an example here's mine:

servername# uname -a
SunOS servername 5.10 Generic_150400-30 sun4v sparc SUNW,T5240

looks like BOTH of your servers need to be updated.

---------- Post updated at 11:08 AM ---------- Previous update was at 11:00 AM ----------

15200607 system paniced with "segkp_fault: accessing redzone" trying to access NFS file
15317045 ACL translators should ignore ACE4_IDENTIFIER_GROUP on special IDs

source: https://getupdates.oracle.com/readme/README.150400-22

looks like later patches fix it...

1 Like

Thanks for the info, Its very informative and really appreciate this.

couple of forum etiquette things for you...

you should always enclose your code in code tags using the code button on the tool bar.

and there is a Thanks button for a reason :slight_smile:

1 Like

chmod and ls -V is working for the particular user and root but not for all, any idea on this ?

Is this after the upgrade? and on a zfs FS?

if so it's probably due to the permissions you have set.

if they don't have read access in the acl they wouldn't be able to read the ACL

> ls -dV .
drwxrwxrwx  10 it123    EEGX_CEG    1024 Dec 15 10:48 .
            owner@:rwxp-DaARWcC-s:------:allow
            group@:rwxp-Da-RWc--s:------:allow
         everyone@:rwxp-Da-RWc--s:------:allow

So everyone has the permission to read the acl, however still its not working

These users are using GNU ls, maybe installed in /usr/sfw/bin/ls, /usr/local/bin/ls or something like this, instead of the regular Solaris one which is /usr/bin/ls.

1 Like