Copyrigh © 2015 by Antonio Augusto DE CINTRA BATISTA <antonio.a.c.batista@gmail.com>
2015-04-15: First version
2017-04-24: some minor changes in the text
Content is available under GNU Free Documentation License 1.3
NFSv3 have no ACL capabilities; and the NFSv4 ACL is not directly compatible with POSIX ACL. For NFSv4 ACL and POSIX ACL to coexist in the same machine, a sensitive and not simple realtime translation would be necessary. With the increased usage of server virtualization, we tend to use some central storage solutions, which usually export volumes carried by NFS. There are situations where we need ext3 or ext4 ACL, for example: if the nfs mounted volume will be used to share files with Samba. One simple solution is to create an ext3 or ext4 filesystem that could be hosted by a NFSv3 or NFSv4 mounted directory.
The initial idea was to use an userspace filesystem, a great proposal from the GNU Hurd OS, and use fuse to have this filesystem in the form of a file stored in a NFS mounted volume. I've tried to use the the Debian GNU/Linux package zfs-fuse to host virtual disks in the NFS volume: it is really a motivating solution for some other situations, but does not provide us with ACL capabilities.
Next step, i came back to simplicity and, this way, the solution worked very well. Basically, we can go through the following steps. Create a virtual disk in the form of a file that is stored in a mounted NFS volume. Associate a loop device with this "disk". Format (ext4) the "disk". Mount the device in a directory (does not matter if this directory is in the NFS volume or anywhere else, provided that the file represented the "disk" is in the NFS volume). Use this directory normally: it is a ext4 directory :)
This proposed solution was the simplest one i could get working as desired. It uses some basic commands of a Debian GNU/Linux system usually found in every host or even in a small ISO image for Debian GNU/Linux installation.
###################### # Linux ACL with NFS # ###################### # NFSv3 have no ACL capabilities; and # the NFSv4 ACL is not directly compatible # with POSIX ACL. cdmkdir nfs_loop_disks cd nfs_loop_disks # create my_disk_1 with 100M*10=1G (change 10 to 200, for example, if you want 20G) dd if=/dev/zero of=my_disk_1 bs=100M count=10 # format my_disk_1 (answer Y to confirm you want to format the file): mkfs.ext4 ./my_disk_1 # verify which loop devices are eventually in use: losetup -a # create the disk device on an available loop device (/dev/loop0 in this example): losetup /dev/loop0 ./my_disk_1 # create a mount point: mkdir mounted_my_disk_1 # mount the device: mount /dev/loop0 mounted_my_disk_1 # testing if ACL is really being accepted: cd mounted_my_disk_1 touch testFile getfacl testFile setfacl -m u:man:r testFile getfacl testfile # HOW TO INCREASE THE DISK SIZE # umount the device: umount mounted_my_disk_1 # increase the disk size (by 200MB in this example) dd conv=notrunc oflag=append if=/dev/zero of=./my_disk_1 bs=100M count=20 # check the disk: e2fsck -f my_disk_1 # resize the filesystem (in this example, to occupy all the disk): resize2fs my_disk_1 # mount the device: mount /dev/loop0 mounted_my_disk_1 # testing if the disk size was increased and the testFile ACL keeps working: getfacl testfile
Enjoy :)
I welcome comments to: antonio.a.c.batista@gmail.com