Grant POSIX rights for users so they can access files on the ShadowFS volume via the SMB/CIFS protocol. Rights are granted based on need. You set rights so that users can read, write, and execute in the ShadowFS volume’s root location in the /media/shadowfs directory. Do not set POSIX rights to the actual NCP shares for the primary and secondary volumes.
Open a terminal console, then log in as the root user.
Go to the ShadowFS volume root location of /media/shadowfs by entering the following at the terminal prompt:
cd /media/shadowfs
Set directory ownership for the group-level access to the ShadowFS volume root by entering the following:
chown :groupname shadowfs_volumename
For example, if the groupname is marketing and the shadowfs_volumename is USERS, enter
chown :marketing USERS
Set POSIX rights for the directory group by entering the following:
chmod mode shadowfs_volumename
For example, to grant POSIX read, write, and execute permissions for the user and group levels, and to set read and execute only for the others (world) level, set the mode to 775 by entering:
chmod 775 USERS
You are setting directory rights for /media/shadowfs/USERS as drwxrwxr-x.
Visually verify POSIX rights by entering
ll
Continuing the example, the results should look like this:
drwxrwxr-x 3 root marketing 80 May 16 15:48 USERS
Verify that the SMB/CIFS user can access the ShadowFS volume and can create directories.
Decide which user identity you want to use to test the setup. For example, you could assign the admin user as a user of the SMB/CIFS group, or use iManager to create a temporary user identity for a test user in the group.
Use iManager to ensure that the test user is Linux-enabled with Linux User Management, and grant the user SSH rights for accessing the server.
For information about configuring SSH for a user, see SSH Services on OES
in the OES 2018 SP1: Planning and Implementation Guide.
Use iManager to set eDirectory permissions on the volume or path for the test user.
Use Secure Shell (SSH) to log in to the volume as a user in the group.
For example, use ssh to connect to the server and log in:
ssh username@server.context.com
password:********
Go to the ShadowFS volume location by entering
cd /media/shadowfs/USERS
The user should be able to cd to and see the directory. If not, recheck the preceding steps to ensure that you followed the steps correctly.
As the user, create a directory. For example, enter
mkdir username
If the directory /media/shadowfs/USERS/username is created, the rights are working as expected.