Problem with "nt acl support" when saving Excel or Word Files

Christoph Mack cmack at rainbow.studorg.tuwien.ac.at
Mon Jan 13 16:27:02 GMT 2003 

Hello!

I am running a Samba 2.2.5 Server with winbind and acl support on a SuSE Linux
8.1 (Kernel 2.4.19) box. I have a problem with saving and reopening Files
from a Windows2000 client with Word and Excel. The Files do not belong to the
editing user even though he should have the rights to save the File because
he is a member of the owning group which has rwx permissions.

I have the following "getent passwd" output for 2 Users A and B:
Admin:x:10:100:Administrator:/home/Administrator:/bin/bash
A:x:20:100:User A:/home/A:/bin/bash
B:x:30:100:User A:/home/A:/bin/bash

...and the following "getent group" output:
G:x:100:A,B,Admin
H:x:200:A,B

I export a share /u00 with an xfs Filesystem on it.
The /u00/test Directory has the following acls:

# file: u00/test
# owner: Admin
# group: H
user::rwx
group::rwx
mask::rwx
other::---
default:user::rwx
default:group::rwx
default:group:G:rwx
default:group:H:rwx
default:mask::rwx
default:other::---

The Excel File excel.xls has the following acls:

# file: excel.xls
# owner: A
# group: H
user::rwx
group::rwx
other::---

Now from my Win2K client when I open excel.xls as User B change something and
save it again, I get the following error message from Excel:
"Document saved successfully. Cannot reopen the saved document due to low
memory. Please close the document."

The thing with the low memory is of course not true. The reason why Excel
cannot reopen the document (rw) reveals if we have a look at the acls of the
changed file:

# file: Mobilkom-Aufstellung.xls
# owner: B
# group: G
user::r--
user:A:rwx
group::---
group:H:rwx
mask::rwx
other::---
 
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
The file now belongs to B and he has only READ permissions!! :(((
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

AFAIK when saving a file Excel saves into a temporary File first. It then
deletes the original File and move the temporary File to the original
Filename. When I disable nt acl support I do not have the problem. I already
played with various settings of create modem force create mode, ... and
default acls on the /u00/test directory but nothing helped!

Does anybody know a solution?

Below you can find my smb.conf File:

thank you in Advance
   Christoph Mack

----------------------------------------------------------------------

[global]
        workgroup = XYZ
        netbios name = FILESERVER
        security = DOMAIN
        encrypt passwords = Yes
        password server = *
        socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY
        character set = ISO8859-15
        os level = 2
        winbind uid = 10000-20000
        winbind gid = 10000-20000
        template shell = /bin/bash

[u00]
        comment = Testshare
        path = /u00
        read only = No
        inherit acls = yes
        inherit permissions = yes
        nt acl support = yes
        fstype = Samba

More information about the samba-technical mailing list