Samba + NFS + (not visible) ACLs
Albert Fluegel
af at muc.de
Fri Feb 15 03:16:01 MST 2013
Hello,
On Wed, Feb 13, 2013 at 04:59:10PM +0100, Alexander Werth wrote:
> ...
> have you considered implementing something like this as a vfs module?
had not looked at that option before. Fortunately there is a good
documentation about writing vfs modules available.
> It should be possible to override the vfs function that queries the
> security descriptor with a function that returns a security descriptor
> granting full access for everyone.
> Then the any access check in the smbd/open.c would just pass.
> ...
So i wrote a vfs module file and xml docs. They are attached.
Would greatly appreciate to find them in future Samba versions.
Thanks for the hints !
Regards,
Albert Fluegel
>
> On Wed, 2013-02-13 at 15:14 +0100, Albert Fluegel wrote:
> > ...
> > In short: ACLs are set on an NFS-mounted filesystem, that is exported
> > via Samba by an NFS client, but the ACLs are not visible for this Samba
> > server (NFSv4 ACLs, but the mount is NFSv3) - however they are in effect.
> > This constellation causes strange phenomenons on the windows side, because
> > ...
> > The attached patch for Samba 4.0.1 introduces a new option
> > ...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: vfs_fake_full_access.8.xml
Type: application/xml
Size: 2883 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20130215/ee89dd90/attachment.xml>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: vfs_fake_full_access.c
Type: text/x-csrc
Size: 3131 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20130215/ee89dd90/attachment.c>
More information about the samba-technical
mailing list