Samba 2.2.3 released - Default ACLs still not working

Olaf Fr±czyk olaf at cbk.poznan.pl
Tue Feb 5 12:39:20 GMT 2002 

Hi,

I have still problems with default ACLs. I use XFS filesystem on Linux, 
WinNT clients.

What I want:
If I create file or directory in Windows, I want to get __exactly__ the 
same permissions as using touch or mkdir under linux.
But this is simply impossible :(

I tried with everything I could think about :)
Here are examples for 2 configurations:

In Linux:
[root at venus test]# mkdir test
[root at venus test]# chacl -b u::rwx,g::---,o::---,g:office:rwx,m::rwx 
u::rwx,g::---,o::---,g:office:rwx,m::rwx test
[root at venus test]# chacl -l *
test 
[u::rwx,g::---,o::---,g:office:rwx,m::rwx/u::rwx,g::---,o::---,g:office:rwx,m::rwx]
[root at venus test]# cd test
[root at venus test]# touch test.txt
[root at venus test]# mkdir test_dir
[root at venus test]# chacl -l *
test_dir 
[u::rwx,g::---,o::---,g:office:rwx,m::rwx/u::rwx,g::---,o::---,g:office:rwx,m::rwx]
test.txt [u::rw-,g::---,o::---,g:office:rwx,m::rw-]

So everything is cool, the permissions are inherited correctly.
Now I create in the 'test' directory a file and a directory in Windows 
using config:
directory mask = 0777
create mask = 0777
map archive = no  And I get:

[root at venus test]# chacl -l *
test_dir 
[u::rwx,g::---,o::---,g:office:rwx,m::rwx/u::rwx,g::---,o::---,g:office:rwx,m::rwx]
test_dir_win 
[u::rwx,g::rwx,o::---,g:office:rwx,m::rwx/u::rwx,g::---,o::---,g:office:rwx,m::rwx]
test.txt [u::rw-,g::---,o::---,g:office:rwx,m::rw-]
test_win.txt [u::rw-,g::rw-,o::---,g:office:rwx,m::rwx]

So:
For directory test_dir_win:
group has additional 'rwx' permissions
For file test_win.txt:
group has additional 'rw' permissions
group "office" has additional effective 'x' permission (originally it is 
masked by ACL mask.

So I added:
inherit permissions = yes
to my share config.
And I created in windows new file and directory and I got exactly the same 
result:

[root at venus test]# chacl -l *
test_dir 
[u::rwx,g::---,o::---,g:office:rwx,m::rwx/u::rwx,g::---,o::---,g:office:rwx,m::rwx]
test_dir_win 
[u::rwx,g::rwx,o::---,g:office:rwx,m::rwx/u::rwx,g::---,o::---,g:office:rwx,m::rwx]
test_dir_win_1 
[u::rwx,g::rwx,o::---,g:office:rwx,m::rwx/u::rwx,g::---,o::---,g:office:rwx,m::rwx]
test.txt [u::rw-,g::---,o::---,g:office:rwx,m::rw-]
test_win1.txt [u::rw-,g::rw-,o::---,g:office:rwx,m::rwx]
test_win.txt [u::rw-,g::rw-,o::---,g:office:rwx,m::rwx]

When will it work correctly, this is known problem since 2.0.0?
And every release I write about it.
Why not to create files and directories (on shares which support ACLs, 
DACLs) exactly as 'touch' and 'mkdir' does?

Regards,

Olaf Fraczyk

More information about the samba-technical mailing list