samba4 - acces to shared directory by groups permissions don't work

Jeremy Allison jra at samba.org
Tue Mar 31 19:21:04 GMT 2009


On Tue, Mar 31, 2009 at 04:39:31PM +1100, Andrew Bartlett wrote:
> 
> Files will be created as the UID that Samba determines for that new user
> (stored in it's IDMAP, and unrelated to any existing user).  Users
> access to those files will be restricted by the intersection of both the
> posix mode (user group other) any posix ACL and the windows ACL applied
> to the file.  Only the windows ACL will be visible from the client, and
> only the windows ACL can be changed.
> 
> Yes, this sucks, and we need someone to work on porting in a mapping
> from Posix ACLs to NT ACLs from Samba3.  (We support a mapping on NFSv4
> ACLs, but no linux distribution ships with that enabled). 

That's not the way it works in current code (3.3.x). The NT ACLs
in Samba3 can be stored in EA's, but they are still mapped down
on "apply" to POSIX ACLs underneath.

Jeremy.


More information about the samba-technical mailing list