Setting ACLs when creating files from Windows

Jeremy Allison jra at
Thu Aug 7 19:53:56 GMT 2008

On Thu, Aug 07, 2008 at 03:32:42PM +0200, Corinna Vinschen wrote:

> Well, in theory I don't care if it's a network FS or a local FS.
> Cygwin's open() code simply tries to create files with a SD which
> contains the current user, its primary group and an Everyone ACE,
> regardless of the underlying FS.  This works fine on local and remote
> Windows filesystems, just not on Samba which needs the described
> workaround, and on NFS, which uses an entirely different mechanism, the
> extended attributes approach.  It's not exactly Samba's fault, it's just
> annoying that so many different code paths are required to get the same
> result on different filesystems.  I had hoped for a simpler approach.

The reason that works on the Windows server is it just stores
the arbitrary local SID as owner and group on the remote box.
Those numbers won't mean anything to any other box looking at
the files (even the box you're storing it on) so you're not
really solving anything here other than for the single user
on a box case.


More information about the samba-technical mailing list