ACL inheritance mess with win2k clients...
jra at dp.samba.org
jra at dp.samba.org
Wed Oct 2 22:28:00 GMT 2002
On Tue, Oct 01, 2002 at 04:36:18PM -0400, Jim McDonough wrote:
> Setting ACLs from an NT4 client, checking the box that says "reset
> permission on child objects", everything seems to work fine. I'm using
> current SAMBA_2_2.
>
> Using a 2k client, that same checkbox is named "reset permissions on all
> child objects and enable propagation of inheritable permissions", and it
> causes the following behavior: for each file/dir in a tree, it propagates
> the current permissions from parent to the child (so far so good), but it
> does it from the deepest point up, so what we get is:
>
> /a/b/c/d/e gets /a/b/c/d's current permissions
> /a/b/c/d gets /a/b/c's current permissions
> /a/b/c gets /a/b's current permissions
> /a/b gets /a's current permissions
> /a gets set as you said.
>
> When 2k does this to NT, it all works ok. the 2k client is explicitly
> setting everything the way you want. Something is telling him to do it
> differently with us. I first suspected ACL revisions, but I did eliminate
> that pretty quickly (two lines of change). Any ideas here?
So when a W2K client does this to a NT server, what pattern of ACL
set operations gets done ?
Jeremy.
More information about the samba-technical
mailing list