samba4 - acces to shared directory by groups permissions don't
work
Andrew Bartlett
abartlet at samba.org
Tue Mar 31 21:02:39 GMT 2009
On Tue, 2009-03-31 at 12:21 -0700, Jeremy Allison wrote:
> On Tue, Mar 31, 2009 at 04:39:31PM +1100, Andrew Bartlett wrote:
> >
> > Files will be created as the UID that Samba determines for that new user
> > (stored in it's IDMAP, and unrelated to any existing user). Users
> > access to those files will be restricted by the intersection of both the
> > posix mode (user group other) any posix ACL and the windows ACL applied
> > to the file. Only the windows ACL will be visible from the client, and
> > only the windows ACL can be changed.
> >
> > Yes, this sucks, and we need someone to work on porting in a mapping
> > from Posix ACLs to NT ACLs from Samba3. (We support a mapping on NFSv4
> > ACLs, but no linux distribution ships with that enabled).
>
> That's not the way it works in current code (3.3.x). The NT ACLs
> in Samba3 can be stored in EA's, but they are still mapped down
> on "apply" to POSIX ACLs underneath.
Indeed, and it is this mapping on apply that needs to be brought into
Samba4.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc. http://redhat.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20090401/3d4ad0f3/attachment.bin
More information about the samba-technical
mailing list