ACL inheritance mess with win2k clients...
Jim McDonough
jmcd at us.ibm.com
Wed Oct 2 23:35:00 GMT 2002
>> Using a 2k client, that same checkbox is named "reset permissions on all
>> child objects and enable propagation of inheritable permissions", and it
>> causes the following behavior: for each file/dir in a tree, it
propagates
>> the current permissions from parent to the child (so far so good), but
it
>> does it from the deepest point up, so what we get is:
>>
>> /a/b/c/d/e gets /a/b/c/d's current permissions
>> /a/b/c/d gets /a/b/c's current permissions
>> /a/b/c gets /a/b's current permissions
>> /a/b gets /a's current permissions
>> /a gets set as you said.
>>
>> When 2k does this to NT, it all works ok. the 2k client is explicitly
>> setting everything the way you want. Something is telling him to do it
>> differently with us. I first suspected ACL revisions, but I did
eliminate
>> that pretty quickly (two lines of change). Any ideas here?
>
>So when a W2K client does this to a NT server, what pattern of ACL
>set operations gets done ?
The same acl gets applied to all, so the same set is done in this order:
/a/b/c/d/e
/a/b/c/d
/a/b/c
/a/b
/a
So they all end up with the same thing. It still even tries to set the
auto-inherited bit.
----------------------------
Jim McDonough
IBM Linux Technology Center
Samba Team
6 Minuteman Drive
Scarborough, ME 04074
USA
jmcd at us.ibm.com
jmcd at samba.org
Phone: (207) 885-5565
IBM tie-line: 776-9984
More information about the samba-technical
mailing list