[Samba] 4.1.7 Server Side Copies & Disk Permissions
David Disseldorp
ddiss at suse.de
Mon Apr 28 07:57:23 MDT 2014
On Tue, 22 Apr 2014 11:46:26 +0200, David Disseldorp wrote:
> > Same as in 4.1.6 and always the same so I will not bother to add a log.
> >
> > If you follow http://wiki.samba.org/index.php/Setting_up_a_home_share
> >
> > But have vfs objects = btrfs declared all is different.
> >
> > You can add users and groups but the default Everyone, CREATOR GROUP and a Unknown you just can't delete them.
> >
> > As soon as you press apply then they are back again.
>
> I expect this is due to the POSIX to Windows Access Control List mapping
> behaviour. The Owner, Group and Other entries are always present in a
> POSIX ACL. Samba maps these entries to NT ACL entries on retrieval.
>
> The vfs_btrfs module doesn't intercept ACL retrieval/manipulation
> requests, so you shouldn't see any difference from the default VFS in
> this regard.
For the record, the issue is caused by Samba's setting of the
"vfs objects" parameter when running as an AD domain controller.
https://bugzilla.samba.org/show_bug.cgi?id=10560
If "vfs objects" is not set, then Samba configures the dfs_samba4 and
acl_xattr VFS modules. If it is set, then the parameter is left as is.
Which means if a user goes from...
[global]
server role = active directory domain controller
[share]
path = /samba/samba1/
read only = No
to...
[global]
server role = active directory domain controller
[share]
path = /samba/samba2/
read only = No
vfs objects = btrfs
...then the acl_xattr module is implicitly disabled, breaking the users
existing ACL<->xattr mapping setup.
AFAICT, this behaviour is currently undocumented.
Cheers, David
More information about the samba-technical
mailing list