System Administration Guide: Network Services

NFS ACL Support

Access control list (ACL) support was added in the Solaris 2.5 release. ACLs provide a finer-grained mechanism to set file access permissions than is available through standard UNIX file permissions. NFS ACL support provides a method of changing and viewing ACL entries from a Solaris NFS client to a Solaris NFS server.

The NFS Version 2 and Version 3 protocols support the old POSIX-draft style ACLs. POSIX-draft ACLs are natively supported by UFS. See Using Access Control Lists to Protect UFS Files in System Administration Guide: Security Services for more information about UFS ACLs.

The NFS Version 4 protocol supports the new NFSv4 style ACLs. NFSv4 ACLs are natively supported by ZFS. For full featured NFSv4 ACL functionality, ZFS must be used as the underlying file system on the NFSv4 server. The NFSv4 ACLs have a rich set of inheritance properties, as well as a set of permission bits beyond the standard read, write and execute. See Chapter 8, Using ACLs to Protect Oracle Solaris ZFS Files, in Oracle Solaris ZFS Administration Guide for an overview of the new ACLs. For more information about support for ACLs in NFS version 4, see ACLs and nfsmapid in NFS Version 4.