Problem with default ACLs
Olaf Fr±czyk
olaf at cbk.poznan.pl
Tue Oct 9 08:44:30 GMT 2001
On 2001.10.05 22:49:10 +0200 Jeremy Allison wrote:
>
> Ok - you can get the effect you need under 2.2.2 by adding
> the parameter "inherit permissions = Yes" to the share in
> question. This causes the initial mode_t to be inherited
> from the parent directory, which is essentially what you
> want.
Hi,
Sorry, for late reply, but I was travelling a bit.
If we have default acls then we should create a file in this way:
fd=open("test_touch", O_WRONLY | O_CREAT | O_NONBLOCK | O_NOCTTY,
S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH);
This is exacltly, as it 'touch' does. And it is perfect.
To find out if parent directory has default acl we can use:
struct acl *test_acl;
test_acl=acl_get_file("ParentDirectoryName",ACL_TYPE_DEFAULT);
if(test_acl) /*The call was successful*/
{
if(test_acl->acl_cnt)
{
/*we have default ACL, new code here*/
}
else
{
/*we don't have default ACL, old code here*/
}
}
else
{
/* ACL are not supported, or an error occured, old code here */
}
Sorry, I didn't send a patch, but I don't know samba code well,
and it is not easy to dig through it ;)
I have tried "inherit permissions" before I sent my email.
This doesn't work perfectly:
1.
The folder has permissions:
test_folder [u:olaf:---,u:piotr:rwx,g::rwx,u::rwx,o::---,m::rwx/u:olaf:---,u:piotr:rwx,g::rwx,u::rwx,o::---,m::rwx]
And the files created in this folder:
Under windows:
test_win_inherited.txt [u:olaf:---,u:piotr:rwx,g::rw-,u::rwx,o::---,m::rwx]
Under linux:
test_linux.txt [u:olaf:---,u:piotr:rwx,g::rwx,u::rw-,o::---,m::rw-]
So, as you see, there is mask with rw-. And the user 'piotr' doesn't have
permission to execute the file.
When created under windows, it has this right. This is true also for owner.
2.
For user,group.other, the inherited permissions are the normal permissions
of directory, not the default:
test_folder [o::rwx,u:piotr:rwx,g::rwx,u::rwx,m::rwx/o::---,g::rwx,u::rwx,m::rwx,u:piotr:---]
And files:
test2_linux.txt [o::---,g::rwx,u::rw-,m::rw-,u:piotr:---]
test2_win_inherited.txt [o::rw-,g::rw-,u::rwx,m::rwx,u:piotr:---]
Regards,
Olaf
More information about the samba-technical
mailing list