How To Build A Standalone File Server With Nexenta 3.0 Beta2 - Page 4

5 Samba Services and zfs:

Start the service:

[email protected]:/# svcadm enable -r smb/server

If the following warning is issued, you can ignore it:

svcadm: svc:/milestone/network depends on svc:/network/physical, which has multiple instances

Set the workgroup name:

[email protected]:/# smbadm join -w SHARING

After joining SHARING the smb service will be restarted automatically.
Would you like to continue? [no]: yes
Successfully joined SHARING

Great. Now we can enable shares for the users. User share rights in this setup are directly related to unix file permission settings. If I share /export/home/newuser then I must connect as newuser because ownership of that directory is newuser:newuser. Let's set up a share. First, the directory we create this share on needs to be empty. If we are sharing the whole of a user's directory (and not a folder in it) we need to move files in the directory out:

[email protected]:/# mkdir /opt/tmp/
[email protected]:/# mv /export/home/newuser/* /opt/tmp/; mv /export/home/newuser/.* /opt/tmp/

Verify the files all moved:

[email protected]:/# ls -lha /export/home/newuser/; ls -lha /opt/tmp/

total 3.0K
drwxr-xr-x 2 newuser newuser 2 Apr 22 15:51 .
drwxr-xr-x 4 root    root    4 Apr 22 15:16 ..
total 9.5K
drwxr-xr-x 2 root    root       8 Apr 22 15:51 .
drwxr-xr-x 3 root    sys        3 Apr 22 15:50 ..
-rw-r--r-- 1 newuser newuser  220 Apr 22 15:16 .bash_logout
-rw-r--r-- 1 newuser newuser 2.9K Apr 22 15:16 .bashrc
-rw-r--r-- 1 newuser newuser  964 Apr 22 15:16 .profile
-rw-r--r-- 1 newuser newuser 1.1K Apr 22 15:16 local.cshrc
-rw-r--r-- 1 newuser newuser  988 Apr 22 15:16 local.login
-rw-r--r-- 1 newuser newuser 1002 Apr 22 15:16 local.profile

Ok, let's create the zpool and share it:

[email protected]:/# zfs create -o compression=gzip-9 -o dedup=on -o quota=100g -o casesensitivity=mixed -o nbmand=on -o sharesmb=on pool1/newuser

Let's talk about some of the triggers in that command. The trigger "-o dedup=on" sets deduplication on allowing multiple instances of the same file to only have to exist one time. From a filesystem user perspective you'll not notice this, however it can save a lot of space. The trigger "-o compression=gzip-9" sets the filesystem compression to use the gzip libraries and sets it to maximum compression, or 9. 1 is lowest, 9 is highest. These settings may impact performance on heavy writes to disk. You should consider how fast your disks are and how powerful your processor and ram are before enabling these settings. The trigger "-o quota=100g" sets the user's home directory to grow no more than 100g. This setting is optional, but handy to know.

Move the files back:

mv /opt/tmp/* /export/home/newuser/; mv /opt/tmp/.* /export/home/newuser/

Verify the pool:

[email protected]:/# zpool list

pool1    3.97T   239K  3.97T     0%  1.00x  ONLINE  -
syspool   127G  1.31G   126G     1%  1.00x  ONLINE  -

[email protected]:/# zfs list

pool1                    136K  3.91T    31K  /export/home
pool1/newuser             21K  3.91T    21K  /export/home/newuser
syspool                 2.34G   123G    26K  none
syspool/rootfs-nmu-000  1.31G   123G  1007M  legacy
syspool/swap            1.03G   124G    16K  -

Verify the share is up:

[email protected]:/# sharemgr show -vp

default nfs=()
    zfs/pool1/newuser smb=()
                  pool1_newuser=/export/home/newuser     smb=(abe="false" guestok="false")

Now you should be able to connect to that share from another machine (you'll need to authenticate as the correct user, of course.)

smb://(ip address or host name)/export/home/newuser

Everything is up for Samba. Repeat this process to create users and shares as needed.


6 NFS Setup:

This one's pretty easy. If you want an NFS server to share all home directories, do the following:

[email protected]:~# zfs set sharenfs=on pool1

It's that easy. If you want to share specific pools, like the one we created for newuser, it would be:

[email protected]:~# zfs set sharenfs=on pool1/newuser

Verify the share is up:

[email protected]:/# sharemgr show -vp

default nfs=()
    zfs/pool1 nfs=()

I should point out that the UID and GID of the client connecting should match, otherwise you won't be able to connect/read/write. I am not going to go into how to set up a NIS master server here, as out of the box Nexenta doesn't include the network/nis/server, network/nis/passwd, network/nis/update, network/nis/xfr services. These could be installed as packages from Sun/OpenSolaris but I haven't looked into this yet. As long as the client you're using (whether it's OS X, Services For UNIX on Windows, or Linux) can either translate or match the UID/GID of the user on the server, you won't run into connection problems. I'll look more into this and write a new tutorial for creating a NIS master server and attaching Samba to an Active Directory Domain in the future.

Share this page:

Suggested articles

2 Comment(s)

Add comment


From: Aristotle Jones

This is a great run down of getting a samba and NFS server up and running.  I wish I had this guide when I built mine, could have saved me a LOT of work.  I would like to add that one will run into trouble if they are trying to create a share for multiple users, specifically when using ACL's from windows.

 As the tutorial really only goes over sharing home folders, you would be fine, but if you create one share, available to several users or groups, and they are writing from windows, you are in for trouble without understanding the ACL's

For Owner full access, read to everyone else use this:
(Note: i used chown on the root of the my share first  i.e. chown -R chris /share)

chmod -R A=\

[email protected]:wACpdDo:d:allow,\

[email protected]:wACpdDo:f:allow,\

[email protected]:rxaARWcs:d:allow,\

[email protected]:raARWcs:f:allow \


Make sure to TEST!
For multiple groups / users on a specific folder, and then recursively add the ACL’’s to any child objects:

chmod -R A=\

[email protected]:full_set:d:allow,\

[email protected]:full_set:f:allow,\



[email protected]:rxaARWcs:d:allow,\

[email protected]:raARWcs:f:allow \


The above command gives the owner and the user “Bob” full permissions, the everybody else group has read only access. If you want to add a group then just use group: instead of user: at the start.

This gives full access to myself and Bob, but deny’s access to everyone else;

chmod -R A=\

[email protected]:full_set:d:allow,\

[email protected]:full_set:f:allow,\





[email protected]:full_set:d:deny,\

[email protected]:full_set:f:deny \


 Hope this helps get you going faster.

From: Anonymous

Remember if you give the full_set to files they are also executable ..... you might not want that on every file ;) especially if you propagate this to every new file in the future.