Behaviour mismatch between "store dos attributes" and "map archive" from man smb.conf(5)
Jeremy Allison
jra at samba.org
Fri May 15 00:47:12 UTC 2020
On Fri, May 15, 2020 at 01:26:14AM +0200, Michael Adam wrote:
>
> If I disable acl_xattr but set "inherit acls = yes", this still
> fails the same way. Only acl_xattr sets the execute perms.
> So at least it is not "inherit acls" alone.
You'll probably have to add extra DEBUG statements
to see what is happening step by step.
> At this point I'm mostly trying to understand.
> I still have the impression that the behavior is somewhat
> inconsistent and random.
Yes. It isn't to a spec and there's no comprehensive
test. Adding such things would be good.
> And it seems to me that the test was not written to pass against
> exactly the configuration of the tmp share in the test env, with
> the awareness that it fails against other standard configurations.
> I can't help the impression that this is somewhat accidential.
Yep.
> That is apparently only true for creating new files. For opening
> existing files however, the desired access mode seems to have a
> lot to with the ACL on the file. So this is strangely asymmetric:
No, that's only to do with what you're allowed after
the existing ACL is read and compared with what you're
asking or in access_mask.
> (1) We create a file requesting SEC_FILE_EXECUTE.
> The file gets created without any execut perms.
> (without acl_xattr and with map archive = no)
> The create call succees.
>
> (2) Later open of the existing file also requesting
> SEC_FILE_EXECUTE fails.
>
> If I do acl_xattr or map archive = yes though, then #1 also
> creates execute bits on the file. And #2 succeeds.
Yes, but that's nothing to do with what you're asking for.
That's to do with the config settings - not "requesting
SEC_FILE_EXECUTE". I think :-).
More information about the samba-technical
mailing list