ACL inheritance mess with win2k clients...
Jim McDonough
jmcd at us.ibm.com
Tue Oct 1 20:38:45 GMT 2002
Setting ACLs from an NT4 client, checking the box that says "reset
permission on child objects", everything seems to work fine. I'm using
current SAMBA_2_2.
Using a 2k client, that same checkbox is named "reset permissions on all
child objects and enable propagation of inheritable permissions", and it
causes the following behavior: for each file/dir in a tree, it propagates
the current permissions from parent to the child (so far so good), but it
does it from the deepest point up, so what we get is:
/a/b/c/d/e gets /a/b/c/d's current permissions
/a/b/c/d gets /a/b/c's current permissions
/a/b/c gets /a/b's current permissions
/a/b gets /a's current permissions
/a gets set as you said.
When 2k does this to NT, it all works ok. the 2k client is explicitly
setting everything the way you want. Something is telling him to do it
differently with us. I first suspected ACL revisions, but I did eliminate
that pretty quickly (two lines of change). Any ideas here?
----------------------------
Jim McDonough
IBM Linux Technology Center
Samba Team
6 Minuteman Drive
Scarborough, ME 04074
USA
jmcd at us.ibm.com
jmcd at samba.org
Phone: (207) 885-5565
IBM tie-line: 776-9984
More information about the samba-technical
mailing list