Skip to end of metadata
Go to start of metadata

This HowTo is based on a patch introduced on Nov 17, 2015 that enables a non-global zone to use kernel based CIFS. The nice part of this is it takes very little work to get a CIFS zone up and running, no smb.conf file needed. This How-To uses delegate datasets to make things easier to manage within the zone. From the ZFS Admin Guide concerning delegate datasets:

The zone administrator can set file system properties, as well as create children. In addition, the zone administrator can take snapshots, create clones, and otherwise control the entire file system hierarchy.

Downside to delegated datasets is if the zone is deleted the datasets are also deleted.

Here is the step by step I came up with.

  1. Import base64 image (tested 15.3.0 and 15.4.1)
  2. Create joyent zone json
  3. Create Joyent zone from the json file
  4. Log into zone
  5. Add entry to /etc/pam.conf for pam_smb_passwd

    Note that pam.conf requires tabs between columns. The inserted line should include tabs as follows:

    Even though this enables SMB authentication, this does not initialize the SMB password database. The SMB password database by default will be empty at this point, and all accounts will fail SMB authentication until their password is set, for example by using the command line passwd utility, as mentioned below.

  6. Enable these services
  7. Verify services have started
  8. Create a mount point dataset
  9. Set a quota for the dataset
  10. Create a mount point
  11. Change file ownership. In this case I used admin:staff
  12. Change admin’s password so SMB password will be updated
  13. Share the filesystem

    (note: -r is the displayed resource name, -s is the share location, smb is the file system export type. see man sharemgr)

  14. Test with a CIFS client
Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.