Problem with default ACLs
Olaf Frączyk
olaf at cbk.poznan.pl
Mon Oct 1 07:24:07 GMT 2001
Hi,
I found two problems with default ACLs. I use XFS filesystem, and Windows
NT 4.0 Workstation SP 6a as the client. Samba: todays CVS.
1.
create directory 'test_folder'
and set ACL:
test_folder [u:olaf:---,u:piotr:rwx,g::rwx,u::rwx,o::---,m::rwx/u:olaf:---,u:piotr:rwx,g::rwx,u::rwx,o::---,m::rwx]
now, I go into the folder and create (in WinNT) a file "test.txt":
the ACL it has are:
test.txt [u:olaf:---,u:piotr:rwx,g::rw-,u::rwx,o::rw-,m::rwx]
So, user 'olaf' has no permissions, but 'other' has 'rw' permissions.
If I create e.g. "test2.txt" (touch test2.txt) in UNIX box then I have:
test2.txt [u:olaf:---,u:piotr:rwx,g::rwx,u::rw-,o::---,m::rw-]
So both 'olaf' and 'other' have no permissions (and this is correct).
2. In above example is one more ugly thing:
the 'x' permission for files. As you see if the default ACL is "rwx", then
a file which is created has:
Using WinNT: "rwx" permissions
Using UNIX: "rw" permissions (what, I think, is more expected).
Yes, I know 'piotr' has 'rwx', but there is mask 'rw-', so the effective
rights are 'rw-'.
I now, that you want to keep mask "rwx" because it is simplier to deal with
Windows permissions, but the bits masked out by mask should be cleared for
other entries.
Regards,
Olaf Fraczyk, <olaf at cbk.poznan.pl>
More information about the samba-technical
mailing list