[Samba] acl's, Samba4 and rw shares
steve
steve at steve-ss.com
Mon Mar 5 14:43:08 MST 2012
On 16/02/12 19:39, Aaron E. wrote:
> Setting the Permissions in windows is easy, browse to your server like
> so..start> run \\server
>
> right click share > properties,> security tab -- if your unfamiliar with
> windows permissions I would read up on those..
>
> being doable in linux,, hmm I'm sure it is but as I said I would create
> a share change windows permissions and look at them through linux, do
> that and you'll get the idea of what I'm talking about...
>
> Someone can correct me here if I step out of bounds but I don't think
> the samba team has gotten this far yet to make the samba-tool ntacl tree
> practical to use..
>
> as far as how the perms are shared is relative to file-system support,
> that's what the user_xattr support on the mount point is for.. so it
> adds the support for the Linux mount to store the NTACLS ,
>
Hi again
I dug a little deeper by setting the acl on windows and then
successfully transferring to another:
samba-tool ntacl get --as-sddl sd
O:S-1-5-21-443838659-2890314986-1722269781-500G:S-1-5-21-443838659-2890314986-1722269781-1118D:(A;;0x001f01ff;;;SY)(A;OICI;0x001301bf;;;S-1-5-21-443838659-2890314986-1722269781-1118)(A;OICI;0x001f01ff;;;S-1-5-21-443838659-2890314986-1722269781-500)
samba-tool ntacl set
"O:S-1-5-21-443838659-2890314986-1722269781-500G:S-1-5-21-443838659-2890314986-1722269781-1118D:(A;;0x001f01ff;;;SY)(A;OICI;0x001301bf;;;S-1-5-21-443838659-2890314986-1722269781-1118)(A;OICI;0x001f01ff;;;S-1-5-21-443838659-2890314986-1722269781-500)"
sd2
Unknown parameter encountered: "secrets database"
Don't know about the error but it works:-)
Also, it's now possible to create a share the old way:
[hotel]
path = /home/CACTUS/hotel
read only = No
create mask = 0770
the latter method!
Cheers,
Steve
That does the same thing. I tend to favour
More information about the samba
mailing list