Just moved from CentOS7 to RL 8.8. We have a central server with NFSv4.0 shares, the extended ACLs work perfectly well via terminal and desktop apps under CentOS7.9. RL 8.8 is very different though, ACLs are respected correctly from the terminal but I’m unable to write to any directory. User authentication is via SSSD bound to an 2012 AD domain.
- I’ve tried Gnome, KDE and XFCE, all have the same issue with their file managers and desktop apps.
- I’ve tried switching the users primary group to one of the additional security groups.
- selinux has been disabled while I tried and get to the bottom of this.
Here’s an example for you:
[simon@ws29test ~/Desktop] $ nfs4_getfacl ‘/mnt/datastore/PROJECTS/test-project/vfx/sandbox/’
file: /mnt/datastore/PROJECTS/test-project/vfx/sandbox/
A:fdg:743201457:rwadxtTnNcy
A:fd:EVERYONE@:tncy
A:fdg:743201458:rwaDdxtTnNcCoy
A:fdg:743201459:rxtncy
A:fdg:743200500:rwaDxtTnNcCoy
A:fdg:GROUP@:tncy
[simon@ws29test ~/Desktop] $ id
uid=743201428(simon) gid=743200513(domain users) groups=743200513(domain users),743201457(sgldn_c),743201517(sgpipelinedev)
As mentioned, access works perfectly from the terminal. Any ideas greatly appreciated as I’m flat out of ideas? Unfortunately I can’t go to 9 as certain software I depend on is tied to RL 8 at the moment.