BUG: Propagating ACLs down a directory tree only works for one le vel per attempt

jra at dp.samba.org jra at dp.samba.org
Mon Apr 7 21:54:08 GMT 2003


On Mon, Apr 07, 2003 at 02:50:13PM -0700, Marc Kaplan wrote:
> Hello List:
> 
> So I have a directory tree like this:
> 
> SHARE1 
>       |->DirA
> 	   |-->DirB
> 	       |-->DirC
> 
> So, DirA is a subdir of SHARE1 (which is a share), DirB is a subdir of DirA,
> and DirC is a subdir of DirB.
> 
> When I use Win2k Advanced permissions tab to "Reset permissions on all child
> objects and enable propagation of inheritable permissions" on DirA, the
> behavior I see is that the permission is only propagated down a single level
> to DirB and NOT to DirC. 
> 
> The very interesting thing is that if after running the propagation once, I
> click the "Reset permissions..." button again, it will propagate to DirC. So
> if I have a 100 level directory tree, I will have to click the "Reset
> permissions..." button 100 times :).
> 
> I have an Ethereal trace of this failed propagation for the directory
> structure above on Win2k->Samba and a comparative Ethereal trace of this
> operation succeeding on Win2k->Win2k. I didn't attach it (it's a pretty
> large trace), but I can send it to anyone who wants it. 

Thanks Marc,

	Now the security fix is out I'm going to concentrate for a while
on getting the ACL inheritance code working. I'll ping you if I can't
reproduce this myself, but it should be pretty easy to reproduce.

Thanks,

	Jeremy.


More information about the samba-technical mailing list