For clients to be able to access a fileset, a client must first take ownership of the fileset, by changing the fileset's owner to a valid user that can provide the required access. The take-ownership operation is only performed once for each fileset, and can only be done by a privileged client. A privileged client is a client on which root users in UNIX or users with administrator user in Windows are given those same privileges for the SAN File System global namespace. A root user logged in to a privileged client is granted full control over directories, files, and other file system objects created by clients in the SAN File System global namespace.
The concept of root squashing means that by default, when a root or Administrator user logs into a client that is not a privileged client, the user's privileges for the global namespace are reduced to that of "Other" in UNIX or "Everyone" in Windows. Therefore, in order to change the ownership and permissions on a fileset, one or more privileged clients must be created. You need at least one privileged Windows client if there are any Windows clients creating files, and at least one privileged UNIX client if there are any UNIX clients creating files.
The different client platforms can, however, share files in a common fileset if the permissions allow. Therefore, it is important to set up your access control lists (ACLs) on the clients and user maps in SAN File System to accomplish this goal.
To be able to take ownership and change permission on a new fileset, turn off root squashing for the client — that is, enable it as a privileged client to SAN File System.
Parent topic: File sharing
Related concepts
Privileged clients