Make ACL headers required by default for Samba 4.0

Volker Lendecke Volker.Lendecke at SerNet.DE
Sun May 13 00:47:29 MDT 2012

On Sun, May 13, 2012 at 04:11:12PM +1000, Andrew Bartlett wrote:
> A number of folks over time have hit the issue that Samba's POSIX ACL
> support is optional - we work fine for most things without it, but
> because of this you only notice it being missing much later, when you
> start to really need it.
> To catch this issue for potential deployments of the Samba 4.0 AD DC, I
> have a trap in the provision stage that checks for ACL support on the
> current file system, but it seems to me that this point is too late in
> the process.
> I propose that by default, we should require some form of system ACL
> header to build Samba.  Then, if a user is on a system without ACL
> headers or is unwilling to install them, they can specify the
> --without-acl-support that would be hinted at in the error. 
> This will also aid distributors, who would find at build stage (without
> needing to specify options) if ACL support somehow wasn't going to be
> compiled in. 
> What do folks think?

This is fine for the real AD domain controller build. For
the pure fileserver that also is supposed to build without
Kerberos necessarily this is not okay I think. Note that I
am not at this point talking about waf vs autoconf. If in
the future it is decided to drop autoconf, the legacy build
features must be ported to waf.


SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen, mailto:kontakt at

More information about the samba-technical mailing list