Rename is allowed after setting ACL
Richard Sharpe
realrichardsharpe at gmail.com
Tue Sep 20 15:17:14 UTC 2016
On Tue, Sep 20, 2016 at 12:08 AM, VigneshDhanraj G
<vigneshdhanraj.g at gmail.com> wrote:
> In Windows, if i denied the permissions i am not able to rename.
>
> getfacl output for cifs share-
>
> getfacl /home/dhanraj/Picture.png
>
> # file: home/dhanraj/Picture.png
> # owner: nobody
> # group: users
> user::rw-
> user:nobody:rw-
> user:vignesh:---
> group::rw-
> group:users:rw-
> mask::rwx
> other::rw-
>
> I denied permission for the user 'vignesh' but still able to rename the
> file 'Picture.png'.
> Whereis in 4.0.9 renaming itself is denied for above set permission.
Sure. What you are saying is that Samba now conforms to correct
Windows behavior with regard to rename.
Under NTFS, rename is like a delete followed by an add of the new
name. To delete you either need Delete Child on the parent or delete
on the object. To add a new name you need Add on the parent.
You haven't shown us the permissions on the parent, which are the
relevant thing for this operation, since Posix ACLs do not, AFAIK,
have an equivalent to delete permission. You need WRITE on the parent
to do that.
Regards
--
Richard Sharpe
(何以解憂?唯有杜康。--曹操)
More information about the samba-technical
mailing list