SV: Modification of ACL using NT breaks default ACL on Solaris

Johannes Tyve johannes.tyve at sgu.se
Wed May 16 08:34:43 GMT 2001 

I've tested with the latest CVS and I still have the problem. I'm using Solaris 2.6, could there be a diffrence between 2.6 and 8? How did the smb.conf file look like on the Solaris 8 box that you tested on?

Regards,
Johannes

----- Original Message ----- 
From: Jeremy Allison <jeremy at valinux.com>
To: Johannes Tyve <Johannes.Tyve at sgu.se>
Cc: <samba-technical at lists.samba.org>
Sent: Thursday, April 26, 2001 12:43 AM
Subject: Re: Modification of ACL using NT breaks default ACL on Solaris


> Johannes Tyve wrote:
> > 
> > Directory from Solaris:
> > 
> > jste at sys7:test> getfacl folder/
> > 
> > # file: folder/
> > # owner: ntsysadm
> > # group: adb
> > user::rwx
> > user:katta:rwx          #effective:rwx
> > user:jste:rwx           #effective:rwx
> > user:andlag:rwx         #effective:rwx
> > group::r-x              #effective:r-x
> > mask:rwx
> > other:r-x
> > default:user::rwx
> > default:user:katta:rwx
> > default:user:jste:rwx
> > default:user:andlag:rwx
> > default:group::r--
> > default:mask:r--
> > default:other:r--
> > 
> > I NT Security / Permissions:
> > 
> > Everyone        Special Access (RX) (R)
> > SYS7\adb        Special Access (RX) (R)
> > SYS7\andlag     Special Access (RWX)(R)
> > SYS7\jste       Special Access (RWX)(R)
> > SYS7\katta      Special Access (RWX)(R)
> > SYS7\ntsysadm   Special Access (RWX)(RWX)
> > 
> > Not changing anything, only press OK button
> > 
> > Solaris permissions:
> > 
> > jste at sys7:test> getfacl folder/
> > 
> > # file: folder/
> > # owner: ntsysadm
> > # group: adb
> > user::rwx
> > user:katta:rwx          #effective:rwx
> > user:jste:rwx           #effective:rwx
> > user:andlag:rwx         #effective:rwx
> > group::r-x              #effective:r-x
> > mask:rwx
> > other:r-x
> > default:user::rwx
> > default:group::r--
> > default:mask:r--
> > default:other:r--
> > 
> > I NT Security / Permissions:
> > 
> > Everyone        Special Access (RX) (R)
> > SYS7\adb        Special Access (RX) (R)
> > SYS7\andlag     Special Access (RWX)*(Nothing)
> > SYS7\jste       Special Access (RWX)*(Nothing)
> > SYS7\katta      Special Access (RWX)*(Nothing)
> > SYS7\ntsysadm   Special Access (RWX)(RWX)
> > 
> 
> Ok - I've just tried this on Linux using the latest CVS
> for 2.2, and I can't reproduce it. What happens to me is
> that the default perms get rewritten after changing the mask
> to rwx and masking out the current default perms (as expected,
> as NT knows nothing about masks).
> 
> This looks like a bug in the Solaris lib/sysacl.c layer,
> which I can't easily test without access to a Solaris box.
> 
> Anyone (DaveCB ?) with access to a Solaris 8 box want to
> test this using CVS 2.2 latest ?
>

More information about the samba-technical mailing list