Behaviour mismatch between "store dos attributes" and "map archive" from man smb.conf(5)

Jeremy Allison jra at
Fri May 15 00:47:12 UTC 2020

On Fri, May 15, 2020 at 01:26:14AM +0200, Michael Adam wrote:
> If I disable acl_xattr but set "inherit acls = yes", this still
> fails the same way. Only acl_xattr sets the execute perms.
> So at least it is not "inherit acls" alone.

You'll probably have to add extra DEBUG statements
to see what is happening step by step.

> At this point I'm mostly trying to understand.
> I still have the impression that the behavior is somewhat
> inconsistent and random.

Yes. It isn't to a spec and there's no comprehensive
test. Adding such things would be good.

> And it seems to me that the test was not written to pass against
> exactly the configuration of the tmp share in the test env, with
> the awareness that it fails against other standard configurations.
> I can't help the impression that this is somewhat accidential.


> That is apparently only true for creating new files.  For opening
> existing files however, the desired access mode seems to have a
> lot to with the ACL on the file. So this is strangely asymmetric:

No, that's only to do with what you're allowed after
the existing ACL is read and compared with what you're
asking or in access_mask.

> (1) We create a file requesting SEC_FILE_EXECUTE.
>     The file gets created without any execut perms.
>     (without acl_xattr and with map archive = no)
>     The create call succees.
> (2) Later open of the existing file also requesting
>     SEC_FILE_EXECUTE fails.
> If I do acl_xattr or map archive = yes though, then #1 also
> creates execute bits on the file. And #2 succeeds.

Yes, but that's nothing to do with what you're asking for.
That's to do with the config settings - not "requesting
SEC_FILE_EXECUTE". I think :-).

More information about the samba-technical mailing list