Update section about required xattr/acl support for UID/GID mapping. Signed-off-by: Paulo Alcantara (Red Hat) <pc@xxxxxxxxxxxxx> --- mount.cifs.rst | 26 +++++++++++++++++++------- 1 file changed, 19 insertions(+), 7 deletions(-) diff --git a/mount.cifs.rst b/mount.cifs.rst index f0ddef97a0e8..bd39c165c130 100644 --- a/mount.cifs.rst +++ b/mount.cifs.rst @@ -321,11 +321,12 @@ soft noacl Do not allow POSIX ACL operations even if server would support them. - The CIFS client can get and set POSIX ACLs (getfacl, setfacl) to Samba - servers version 3.0.10 and later. Setting POSIX ACLs requires enabling - both ``CIFS_XATTR`` and then ``CIFS_POSIX`` support in the CIFS - configuration options when building the cifs module. POSIX ACL support - can be disabled on a per mount basis by specifying ``noacl`` on mount. + The CIFS client can get and set POSIX ACLs (getfacl, setfacl) to + Samba servers version 3.0.10 and later. Setting POSIX ACLs requires + enabling both ``CONFIG_CIFS_XATTR`` and then ``CONFIG_CIFS_POSIX`` + support in the CIFS configuration options when building the cifs + module. POSIX ACL support can be disabled on a per mount basis by + specifying ``noacl`` on mount. cifsacl This option is used to map CIFS/NTFS ACLs to/from Linux permission @@ -750,8 +751,19 @@ bits, and POSIX ACL as user authentication model. This is the most common authentication model for CIFS servers and is the one used by Windows. -Support for this requires both CIFS_XATTR and CIFS_ACL support in the -CIFS configuration options when building the cifs module. +Support for this requires cifs kernel module built with both +``CONFIG_CIFS_XATTR`` and ``CONFIG_CIFS_ACL`` options enabled. Since +Linux 5.3, ``CONFIG_CIFS_ACL`` option no longer exists as CIFS/NTFS +ACL support is always built into cifs kernel module. + +Most distribution kernels will already have those options enabled by +default, but you can still check if they are enabled with:: + + cat /lib/modules/$(uname -r)/build/.config + +Alternatively, if kernel is configured with ``CONFIG_IKCONFIG_PROC``:: + + zcat /proc/config.gz A CIFS/NTFS ACL is mapped to file permission bits using an algorithm specified in the following Microsoft TechNet document: -- 2.44.0