Handle IDMAP_BOTH in posix_acls.c
Stefan (metze) Metzmacher
metze at samba.org
Thu May 3 02:02:59 MDT 2012
> In my s3-acls branch I have a patch to use IDMAP_BOTH in posix_acls.c
> I know you are both very keen to get IDMAP_BOTH properly supported in
> smbd, so we can support GPOs in the s3fs configuration. I'm hoping to
> today and tomorrow write some tests for GPO ACLs but in the meantime I
> think this is what we need:
I think for the IDMAP_BOTH case we should just create a GID_ACE.
As we put the unix id into the unix group token, it should be enough
to store the GID_ACE.
We should also check, if it would be better to handle
SMB_ACL_USER_OBJ and SMB_ACL_GROUP_OBJ differently.
We might also need to change the NFSv4 mapping code...
More information about the samba-technical