Handle IDMAP_BOTH in posix_acls.c

Stefan (metze) Metzmacher metze at samba.org
Thu May 3 02:02:59 MDT 2012

Hi Andrew,

> In my s3-acls branch I have a patch to use IDMAP_BOTH in posix_acls.c
> I know you are both very keen to get IDMAP_BOTH properly supported in
> smbd, so we can support GPOs in the s3fs configuration.  I'm hoping to
> today and tomorrow write some tests for GPO ACLs but in the meantime I
> think this is what we need:
> https://git.samba.org/?p=abartlet/samba.git/.git;a=commitdiff;h=9ae38a8f985bf04c598ab8b469226fe94e2624a5

I think for the IDMAP_BOTH case we should just create a GID_ACE.
As we put the unix id into the unix group token, it should be enough
to store the GID_ACE.

We should also check, if it would be better to handle

We might also need to change the NFSv4 mapping code...


More information about the samba-technical mailing list