[Samba] samba acl's

Buchan Milne bgmilne at cae.co.za
Thu Feb 13 10:30:16 GMT 2003 

> Date: Wed, 12 Feb 2003 14:34:56 -0600
> From: David.Grudek at anixter.com
> To: samba at lists.samba.org
> Subject: [Samba] samba acl's
> Message-ID: <OFAA1D48DE.57CEA457-ON86256CCB.0061B639-86256CCB.0070B5B6 at anixter.com>
> Content-Type: text/plain; charset="us-ascii"
> MIME-Version: 1.0
> Precedence: list
> Message: 20
> 
> I have been playing with samba for a short time.  I am not a programmer 
> but a I have some questions on if acls within samba are possible, 
> regardless of acl's in the file system or kernel.  In samba now, you can 
> have read list or write list and say this user and/or group has write 
> and/or this user and/or group has read only.  This is a scaled down 
> version of an acl.  What if they created a folder called acl's and had one 
> file called no access, one file called read, write, change, and full.  An 
> entry inside these files could look similar to:
>  /data = @domain admin, john, steve
> /data/accounting = @domain admin, @accounting, bob
> 
> if these entries were in the change file then samba would restrict him 
> accordingly.  I have been trying to get acl's to work and it has been 
> difficult to work.  I have been thinking that maybe samba could do this 
> for us without having to count on other pieces of software.  I am only 
> asking so please dont take this the wrong way.  If it is possible I would 
> like to help make it happen.  I am not sure how I can help because I am 
> not a programmer, but if there is anything I will be willing to pitch in.

File permissions and ACLs are best stored by the filesystem, since then
you are guaranteed to get the same behaviour via different services (smb
vs ftp vs http vs local access vs nfs).

If you want ACLs working easily out the box, use Mandrake 9.0. Either
add the acl option to ext2/ext3 filesystems in your /etc/fstab, or use
XFS. AFAIK, SuSE also supports ACLs out-the-box.

Buchan

-- 
|--------------Another happy Mandrake Club member--------------|
Buchan Milne                Mechanical Engineer, Network Manager
Cellphone * Work            +27 82 472 2231 * +27 21 8828820x121
Stellenbosch Automotive Engineering         http://www.cae.co.za
GPG Key                   http://ranger.dnsalias.com/bgmilne.asc
1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7

More information about the samba mailing list