Samba on Linux with no ACL's is making things tough

Jeremy Allison jeremy at
Tue Apr 4 23:27:19 GMT 2000

Jason Haar wrote:

> Am I missing something? I would have thought if any ACL-based system was put
> in place, then any process that created/altered files under that system
> would be affected (that's assuming this ACL system is like NT's and
> propagates). As such, it should be able to give you up to the same
> functionality as NT's "Change" ACL - i.e. a user/group/set of users can
> read/write to a particular directory, and any new files they add have the
> same perms as the tree, and the user cannot alter the perms.. I would have
> thought that would be independant of Samba....
> The "Change" perm is the primary ACL we use here (i.e. "Full Control" is for
> Administrator only), so having that functionality available under Samba
> (whether it be Samba that actually does it) would be fantastic.

Well there are two issues here. One is obeying the ACL
restrictions on a filesystem. Samba will naturally do
this as it is just a UNIX program running under a known
userid. The second is displaying the ACL list on a file
and allowing a Windows client to modify it. That second
part is what requires known ACL API's such as the POSIX


Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.

More information about the samba-technical mailing list