Access control list (ACL) behavior differs between Windows systems and ZFS file systems on Oracle Solaris systems. You might experience Windows ACL inheritance problems because of the access control entry (ACE) ordering used by the default ZFS ACL.
The default ZFS ACL is designed to comply with POSIX, which results in the interleaving of
deny ACEs. Windows expects all
deny ACEs to precede all
You can override the default ZFS behavior by changing the ACL on the root directory to provide the equivalent of
Everyone:FullControl as follows:
$ chmod 777 /pool-name $ chmod A=everyone@:rwxpdDaARWcCos:fd:allow /pool/dataset
For information about the
chmod options, see the
chmod(1) man page.
You can verify the ACL by viewing it on Windows or by running the following command on an Oracle Solaris system:
$ ls -V -d /pool/dataset
You can apply this ACL recursively to all subdirectories and files for existing file systems from Windows or from the Oracle Solaris OS.
If you apply the ACL when the file system is first created, the ACL will be propagated according to the normal inheritance rules.
If a directory has a default ZFS ACL, when a file or folder is created in this directory from Windows, it has two ACEs: one for the owner and one for SYSTEM. To change this behavior, update the root directory's ACL by running the