minor ACL issues SAMBA_2_2, Solaris 8

Jeremy Allison jeremy at valinux.com
Tue Jul 3 17:38:06 GMT 2001 

Michael Gerdts wrote:
> 
> I have found two issues with ACL's on Solaris 8:  "no permission" gets
> translated into "take ownership" 

This is by design. I'm writing a whitepaper on the ACL mapping
design (not finished yet) that'll explain why this is done.

> When both a unix group and a unix user exist with the same name, the
> "Add Users and Groups" dialogue does not display the group as a workstation
> group.  Removing the user allows the group to be listed in the "Add Users
> and Groups" dialogue.
> 
> Perhaps this is a limitation of the NT ACLs...

This is an NT limitation - NT doesn't deal well with users and groups with
the same name.

> Take ownership
> ==============
> 
> This may be desired behavior, but I have not seen documentation on how
> ACL's are supposed to work.  If there is some documentation that has been
> started or exists within comments, whatever, I would be willing to put a
> bit of time in to get it into a format suitable for inclusion in the docs
> directory.

Take ownership will only work for the root user. Think about
what this is doing on the UNIX filesystem, and the POSIX 
limitations.

> -r--------   1 mgerdts  cns            0 Jul  3 11:01 400-mgerdts-cns
> 
> On NT 4, (WTS, Citrix) reports it as:
> 
>   [group]  server\cns           Special Access (O)
>   [user]   server\mgerdts       Special Access (R)
>   [global] Everyone             Speical Access (O)
> 
> I guess I would expect:
> 
>   [group]  server\cns           No Access (None)
>   [user]   server\mgerdts       Special Access (R)
>   [global] Everyone             No Access (None)

See above, this is by design.

Once the whitepaper is done (has to be finished for the
CIFS conference in august as I'm presenting it there :-)
then I'll post it for comments and get it added to the
Samba docs.

Jeremy.

-- 
--------------------------------------------------------
Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.
--------------------------------------------------------

More information about the samba-technical mailing list