Samba on Linux with no ACL's is making things tough

Jason Haar Jason.Haar at
Tue Apr 4 21:17:19 GMT 2000

On Wed, Apr 05, 2000 at 03:35:15AM +1000, Jeremy Allison wrote:
> This is something I'm working on at the moment in 2.0.x
> and HEAD. The Linux trustee patch seems ok for the particular
> problem, but doesn't allow Windows clients access to modify
> ACLS for files that they own. To do that you need POSIX
> ACL support - that's the API we'll be adding into Samba
> 2.0.8 and HEAD (and TNG with the merge going on).

Am I missing something? I would have thought if any ACL-based system was put
in place, then any process that created/altered files under that system
would be affected (that's assuming this ACL system is like NT's and
propagates). As such, it should be able to give you up to the same
functionality as NT's "Change" ACL - i.e. a user/group/set of users can
read/write to a particular directory, and any new files they add have the
same perms as the tree, and the user cannot alter the perms.. I would have
thought that would be independant of Samba....

The "Change" perm is the primary ACL we use here (i.e. "Full Control" is for
Administrator only), so having that functionality available under Samba
(whether it be Samba that actually does it) would be fantastic.


Jason Haar

Unix/Network Specialist, Trimble NZ
Phone: +64 3 3391 377 Fax: +64 3 3391 417

More information about the samba-technical mailing list