This is an example guide on setting up sharing on a EON ZFS Storage CIFS server.
Pre-Requisite(s): EON Install (All commands are run as user "root" unless otherwise specfied)
The schema here is user "andrel", group "stor", will transfer and own all the common area files (music, movies, pictures, etc). The group "stor" already exists (user admin is a part of this group) but feel free to create your own group schema. All other users will be able to access and view these files. They will not be allowed to modify or delete anything from the common area. They will have their personal home directory as a share to store their files. There will also be a public share that anyone can write to, but cannot modify or delete other user's public area files. Create a user name and user id table, similar to below, that you will use while following the guide.
List disks available for ZPOOL creation.
For this guide, let's create a mirrored (RAID-1) ZPOOL named "abyss" using disks c1t0d0, c1t1d0. Here, you will create your RAID-Z, RAID-Z2, RAID-10 or zpool of preference. "casesensitivity" can only be set at creation time! It cannot be modified later! Other parameters listed below can be added/modified later. "casesensitivity=mixed" allows the file name matching algorithm used by the file system to be both "casesensitive" and "caseinsensitive" (allows a combination of both styles).
Let's enable "aclinherit" to "passthrough-x" on ZPOOL "abyss". "passthrough" allows files created with 664 or 666 to be created, "passthrough-x" will additionally allow execute bit to be preserved. If you plan to use NFSv3, setting "aclmode" to match helps.
Let's create a ZFS swap big enough for 4GB RAM (1xRAM). A ZFS swap is highly recommended for improved performance and stability. Here, I opted for an additional 1GB buffer and the "-b 4k" is optional but creates a 4096 byte per block filesystem.
Create the parent directory for all user directories. This is where their personal share(s) will reside. The "-p" option creates all non-existent parent directories.
Create the common area ZFS share filesystem named, "share". All users will be granted read/view permission to this area.
Optional: Create the public ZFS share filesystem named, "public". Skip all commands for "public" if you do not need a public access share. To create a "public" share, include the "optional" labeled steps.
Set the share name to "share". If you do not set the share name, this defaults to path_name(abyss_share). This is the share name that will be displayed on the client (Win, Mac, etc)
Optional: Set the share name to "public".
Optional: Enable "gzip-1" compression on the ZFS dataset "abyss/share", "abyss/public". Defaults to lzjb compression, which is slightly faster but offers less compression. Gzip-9 offers better compression but is slightly slower than gzip-1. Gzip-6 offers a nice balance of performance and compression. Gzip-9 will incur approximately a 5% cpu performance penalty.
Enable "aclinherit" to "passthrough-x" on ZFS dataset "abyss/share", "abyss,public. "aclinherit" controls how ACL entries are inherited when files and directories are created under this share. ( aclinherit options = discard | noallow | restricted | passthrough | passthrough-x ).
Other ZFS dataset parameters to consider: "aclmode=passthrough" indicates that no changes are made to the ACL other than generating the necessary ACL entries to represent the new mode of the file or directory. "aclmode" controls how an ACL is modified during chmod. ( aclmode options = discard | groupmask | passthrough ).
Allow snapshots to be visible for NFS users.
Set the mode on the ZPOOL "abyss".
Optional: Set the mode on ZFS dataset "abyss/public".
Optional: If a "public" folder is needed within the common area share "abyss/share". All users will be able to create and view files in the "public" folder but they will not be able to modify or delete other user's files or directories.
Set the mode and ZFS ACLs (access control list) on the ZPOOL "abyss". You can copy and paste the following "chmod" command(s) into a executable script or directly into a SSH terminal session.
Set the ZFS ACLs for ZFS dataset abyss/share. You can copy and paste the following "chmod" command(s) directly into a SSH terminal session.
Optional: Create common area share top level directories. This is an example directory structure to show what is shared in the common area.
Create user "andrel", group "stor", uid "550", gid "500", comment "Johnny Cage", home directory/personal share "/abyss/users/andrel". Shell "/usr/bin/bash" means this user can login via SSH. Shell "/usr/bin/false" means the user is not allowed to log in via SSH. The useradd is ZFS capable and will create the "andrel" ZFS dataset in "/abyss/users". ZFS dataset "/abyss/users" was created above in the ZPOOL & ZFS creation section.
Set the recursive "R" ownership to user "andrel, 550:500" on ZFS dataset(s) "abyss/share", and "abyss/users/andrel". The "-h" switch includes symlink ownership. Note "550:500" is short hand equivalent to "andrel:stor" (refer to schema table at top of guide).
Set proper ownership for other users.
Set the share name on the user directories/personal shares created by useradd.
Set passwords for the users created.
The passwords for "root" and "admin" should also be changed from their defaults NOW, if they have not been changed already! Run updimg.sh to preserve the users and passwords just created.
Login as andrel (owner of all files as per schema above) via your client OS and begin loading the common area (movies, videos, music, pictures, etc) data. Happy storing.
solid . storeable . superb
EON, Storage for Life.