Samba on Linux with no ACL's is making things tough

David Collier-Brown - Sun Canada davecb at scot.canada.sun.com
Sun Apr 2 22:40:47 GMT 2000


Michael Marschall wrote:
| Actually putting SAMBA on a Solaris, HP-UX or SGI box defeats the purpose
| of me using SAMBA in the first place (lower cost).

	Fair enough: I had hoped you had one around somewhere.
	[Semi-serious suggestion from my employer: run Solaris x86,
	for the cost of media, see
	http://www.sun.com/developers/tools/solaris/solarispromo.html]
	
	
|			 I just cannot believe that nobody has
| found a way to function in a complex sharing environment with Linux and
| Samba. It leads me to think that Samba is only good for two situations, 1)
| When you have a UNIX OS with ACLs in the underlying file system or 2) if
| you have very unsophisticated file storage setup.

	In fact, you have an unusual case, one which Thompson and Ritchie
	consciously left out.  Their replacement (groups) was insufficient.

	They really didn't want to get into "security aware" OSs, ones
	in which the users were expected to want to blow away each other.
	Unix can be adapted to this case, but it's hard.  For years,
	the only "B2 Secure" OS was Multics, which ran on $1 Million
	hardware...
	
	I've been actively following the ACL discussion on samba-technical,
	and the Samba folks are coding for ACLS as we speak, but you
	have to have "something there" to code to. They really have to add
	them on top of an acl-aware filesystem.  Please note: this
	includes Linux NTFS, as well as other more experimental FSs.
	
	This, however, will not appear in time to be a decent approach
	for your current problem.  So you're probably stuck with NT
	for this particular filesystem tree.  If you want to introduce
	Samba to the mix, consider using it to export your binaries
	tree(s).
	
--dave
--
David Collier-Brown in Boston
Phone: (781) 442-0734, Room BUR03-3632



More information about the samba mailing list