PROPOSAL: extend UNIX_INFO2 to mark existence of ACLs

James Peach jpeach at
Tue Jan 22 21:32:26 GMT 2008

On Jan 22, 2008, at 1:23 PM, Steve French wrote:

> James Peach wrote:
>> Hi all,
>> Unix SMB client could often avoid a few round-trips to the server  
>> if  they could tell whether a file had an ACL at the point where  
>> they  query its metadata (presumably using the UNIX_INFO2 info  
>> level).
>> Since the permissions field is 64bits, how about stealing the high  
>> bit  of this field to indicate whether the file might have an ACL?
>> We'd probably need a mechanism for clients to figure out whether  
>> the  bit was meaningful or not ....
> Do you mean POSIX ACL or NT ACL?
> For the case of an NT ACL, how would you distinguish between the  
> case in which the file has an emulated ACL and a "real" ACL?  If you  
> query the NT ACL eg. with smbcacls, Samba will report one, even on  
> files which do not have an ACL.

You might be able to tell that I haven't thought this through very  
thoroughly yet :)

But I think that I agree with Simo that the server should only set the  
bit for a "real" ACL, ie. it should not set the bit for files whose  
only ACL is fabricated from the POSIX permissions bits. 

More information about the samba-technical mailing list