Questions about ACLs

Andrew Bartlett abartlet at
Wed May 30 00:08:22 MDT 2012

On Tue, 2012-05-29 at 19:26 +0200, Marc Muehlfeld wrote:
> Hello,
> I did a migration on my test system with "--use-xattrs=yes" (latest git 
> version). I can add additional users/groups to a file or directory. The 
> changes are also stored, if I recheck this later. But where it is stored? 
> getfacl doesn't show it to me:
> # getfacl bla
> # file: bla
> # owner: 1061
> # group: 1031
> user::rw-
> group::r--
> other::r--
> The "Testing your filesystem" section from the HowTo works fine. Also the ext4 
> filesystem is mounted with user_xattr:
> /dev/sda1 on / type ext4 (rw,user_xattr)
> The kernel on my Scienetific Linux 6 (RHEL6 clone) is also compiled with xattrs:
> Where are the additional ACLs stored and why not in the filesystem here? Did I 
> miss something?

If you were using a version before alpha21, then s3fs wasn't the
default, and so we didn't attempt to emulate the NT ACL into a POSIX

With s3fs, we now do the translation.  See

> And one more question about ACLs:
> In my s3 live system, my user/groups are stored in LDAP and I see the 
> owner/group of file trough nss_ldap on linux. In my s4 test environment, now 
> all files show only the uid/gid on files/directories. Can I get the 
> user-/groupnames back by letting nss_ldap connect to the samba LDAP?

Use nss_winbind for that.

Andrew Bartlett

Andrew Bartlett                      
Authentication Developer, Samba Team 

More information about the samba-technical mailing list