What evaluates file perms when ACL's are involved?
mlueck at lueckdatasystems.com
Wed Mar 8 13:02:01 GMT 2006
Jeremy Allison wrote:
> ALL checks are done by the kernel
OK, thus have to contact those developers to seek out any flowchart they might have in understanding how this all works. I mean, though we did not try it yesterday, one thing came to mind that you
could say userx is the owner/group of the file w/ rwx (native filesystem attr) but then in the acl say that userx has no rwx... "And the result would be?" Those kind of questions.
> If you're absolutely depending on mode bits being correct it's essential
> to stop Samba mapping the DOS attributes into mode bits. Ensure you
> have EA's available on the filesystem and set :
> map hidden = no
> map system = no
> map archive = no
> store dos attributes = yes
OK, will add those to the shares.
We do not have set "nt acl support = yes" but changes made from Windows on the Security tab of a file are showing up on the native Linux file system. So what exactly are we missing by not setting that
Is "map acl inherit = yes" anything we should be evaluating?
> As I'm employed by Novell, I'd like this to succeed :-). Attached is a
> PhD level paper on how Samba deals with ACLs, in OpenOffice format :-).
Thanks very much, I'll grab OOo and see what is inside.
> Good luck ! Let us know how it goes !
Yes indeed, and thanks for your overnight reply!
Lueck Data Systems
Remove the upper case letters NOSPAM to contact me directly.
More information about the samba-technical