Open arter97 opened 2 years ago
Early versions of ksmbd supported symlinks(read-only). While upstream ksmbd, I have got an opinion from the samba team that symlinks is very vulnerable to security issues and that it is better to remove them and not support them. And for full compatibility between Linux and Windows, symlinks must be re-implemented using SMB reparse points. First, I need the time to start working it.
I wanted to use and share https://sbgrid.org/ with ksmbd for macOS. It is full of symlinks and when trying to access it is permission denied.
Hi, everyone.
I'm currently looking into deploying ksmbd to replace NFS to see if it improves performance for my workload.
The workload I'm mainly concerned about involves running a lot of parallel processes (16-128) to randomly access Git objects (on NVMe drive), NFS quickly gets bounded by CPU, instead of I/O or network. I'll share the performance results if I get it all setup properly.
The main issue I'm having currently is the symlink support.
I'm looking into replacing NFS with ksmbd, so I don't have to worry about Windows/dos compatibility, and I cannot compare it with a Samba setup as it doesn't seem to support POSIX extensions properly yet (!).
The host file-system is ZFS, but that shouldn't matter.
Here's the smb.conf file used by ksmbd:
Mount command:
mount -t cifs -o guest,nobrl,ro,cache=loose,linux,setuids,perm,cifsacl,locallease //10.150.21.10/mirror /tmp/smb
Symbolic links are replaced with unreadable 777 files:
On the host machine, "test" is a symlink to "qssi":
I was looking forward to deploying ksmbd for a long time, but we need this to be resolved to deploy properly.
Is this a protocol limitation? (A major bummer, if so)
Thanks.