mapping SYNCHRONIZE permission in NTFS ACL for ZFS
Paul B. Henson
henson at acm.org
Tue Jan 11 14:35:19 MST 2011
I'm working with Solaris' bundled version of samba 3.5.5, and am seeing
some weirdness with ACL mapping between ZFS and windows. By default (in my
configuration), a new file in a directory inherits an initial (zfs) acl
like:
-rw-------+ 1 henson csupomona 0 Jan 11 12:32 test.txt
owner@:rw-pdDaARWcC--:------:allow
Or more verbosely:
-rw-------+ 1 henson csupomona 0 Jan 11 12:32 test.txt
0:owner@:read_data/write_data/append_data/read_xattr/write_xattr
/delete_child/read_attributes/write_attributes/delete/read_acl
/write_acl:allow
With this acl, windows refuses to rename the file. A dialog box pops up
saying:
"File Access Denied"
"You need permission to perform this action"
"You require permission from \henson to make changes to this file"
This is completely from the client side, connecting with smbclient allows
renaming fine.
More information about the samba-technical
mailing list