[Samba] does cifs understand acl's?

steve steve at steve-ss.com
Sun Jun 2 03:25:56 MDT 2013


4.0.6 file server for a 4.0.6 domain, reproducible with a 3.6.12, and
3.6.15 file server. 

File created in a share are created according to the acl set, but not
when mounted by cifs:

Here is a share
[test]
read only = No
path = /home/test

Here is the acl:
getfacl test
# file: test
# owner: root
# group: staff2
# flags: -s-
user::rwx
group::rwx
other::r-x
default:user::rwx
default:group::rwx
default:other::r-x

Here is a session on the unmounted share on the file server, all as
expected:
steve2 at altea:/home/test> touch steve2.txt
steve2 at altea:/home/test> ls -l
total 0
-rw-rw-r-- 1 steve2 staff2 0 Jun  2 10:58 steve2.txt
steve2 at altea:/home/test> getfacl steve2.txt 
# file: steve2.txt
# owner: steve2
# group: staff2
user::rw-
group::rw-
other::r--

Now the same session on a client with the share mounted:
 
catral:/home/steve # mount -t cifs //altea/test /mnt
-osec=krb5,username=cifs,multiuser
catral:/home/steve # exit
exit
steve at catral:~> su steve2
Contraseña: 
steve2 at catral:/home/steve> cd /mnt
steve2 at catral:/mnt> touch steve22.txt
steve2 at catral:/mnt> ls -l
total 0
-rw-r--r-- 1 steve2 staff2 0 jun  2 11:18 steve22.txt
-rw-rw-r-- 1 steve2 staff2 0 jun  2 10:58 steve2.txt

steve2 at catral:/mnt> getfacl steve22.txt
# file: steve22.txt
# owner: steve2
# group: staff2
user::rw-
group::r--
other::r--

steve2 at catral:/mnt> mount | grep mnt
//altea/test on /mnt type cifs
(rw,relatime,vers=1.0,sec=krb5,cache=strict,unc=\\altea
\test,multiuser,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.1.100,unix,posixpaths,serverino,acl,noperm,rsize=1048576,wsize=65536,actimeo=1)

Note how the acl is ignored by cifs.

Question: Does cifs honour acls set on ext4 filesystems with
acl,usr_xattr?
Must I use smb.conf to control permssions and acl?

Thanks,
Steve



More information about the samba mailing list