[Samba] ACL strange behaviour
John Drescher
drescherjm at gmail.com
Fri Apr 4 13:12:38 GMT 2008
On Fri, Apr 4, 2008 at 7:39 AM, toni <tonign at xtec.net> wrote:
> hi,
>
> i'm experiencing a strange behaviour when setting ACL from Windows XP
> clients (server is BDC with LDAP) after migrating service from SLES 9.3
> to SLES 10.1:
>
> i can't set ACL to a folder to give access to individual users without
> allowing the group of the creator. step by step, i tried to remove group
> permissions (which worked fine) but, when i add permissions to other
> users, group permissions become effective for the group in the
> directory (but no in its subfolders)
>
> the correct behaviour is that i can allow access to several users
> without access for the group, and this was working after the migration.
>
> it could be a different ACL behaviour between SLES 9 (Samba
> 3.0.20b-3.17-1297-SUSE) and SLES 10 (Samba 3.0.28-0.2-1625-SUSE-CODE10)?
>
> how i can get ACL working if so?
>
> write list = @GROUP1
> read list = @GROUP1
> force group = GROUP1
> valid users = @GROUP1, @"Domain Admins"
It may be just my testing but I have found when you force things like
this (and don't just use the unix file system permissions to do the
same thing) the acls do not work as expected.
John
More information about the samba
mailing list