Symptoms
Running certain operations on files and directories over NFS3 using the 'setfacl' command fails with the error - "Operation not supported".Impact: Unable to use granular file access controls over NFS3.How to identify the issue:This issue has been reported when trying to set the 'default' ACL on a directory. The following occurs and no default is set and happens on both SDNAS and PowerStore.
> setfacl -d -m g::rwx cow
setfacl: cow: Operation not supported
> getfacl cow
# file: cow
# owner: washem1
# group: user2
user::rwx
group::rwx
other::r-x
Cause
SDNAS, and UFS64 in general, do not support POSIX ACLs and therefore using these ACLs over NFS3 have undefined behavior.
Resolution
Workaround:Use NFS4 ACL (nfs4_setfacl) which is fully supported in SDNAS. Example of setting something similar to the default ACL
root@W10HBCKV93:/mnt/sdnas# mkdir nfs4acltest
root@W10HBCKV93:/mnt/sdnas# nfs4_setfacl -a A:fd:EVERYONE@:rxtncy nfs4acltest
root@W10HBCKV93:/mnt/sdnas# nfs4_getfacl nfs4acltest
A:fd:EVERYONE@:rxtncy <----- 'default' for f (files) and d(directories)
A::OWNER@:rwaDxtTnNcCy
A:g:GROUP@:rxtncy
A::EVERYONE@:rxtncy
root@W10HBCKV93:/mnt/sdnas# touch nfs4acltest/testfile
root@W10HBCKV93:/mnt/sdnas# nfs4_getfacl nfs4acltest/testfile
A::EVERYONE@:rxtncy
