[Samba] ACL issues still unresolved

Dragan Krnic dkrnic at lycos.com
Fri Dec 6 09:07:01 GMT 2002


On Fri, 06 Dec 2002 15:24:17  
 Andrew Furey wrote:
>>>(b) In said ACL properties dialog, the usernames displayed 
>>>are the UNIX ones, not the ones converted with the username 
>>>map option.
>> Why not use original Windows names and take users map out of 
>> the loop?
>However, I have just this morning worked out both of those problems. 
>For all the future Googlers out there who are banging their heads 
>against the wall as much as I have been:
>Setting up winbind with the nsswitch.conf stuff works perfectly 
>(as ar as those two problems go).
>Only problem I have now is working out how to preserve the ACLs on 
>files I copy from the W2k to the Samba machine. xcopy /o seems to 
>be it, but it comes up with "access denied" and the file is empty, 
>as well as having the default permissions (copying person is owner, 
>etc). More Googling needed...

I've banged my head over it, trying to 
   a) get the full listing of ACLs with tools in support pack
   b) build some Perl scripts to produce something like the
      output of "getfacl -R"
   c) apply "setfacl --restore=old.acls"

The tools in support pack were too flakey to begin with. Perhaps I 
should have tricked the system to let me execute it as SYS in a 
service shell but didn't have the time to bother so much. So I 
distributed and delegated. Home shares are easy to assign proper
ACLs, projects usually have a discernible permission pattern which
can be reconstructed wholesale and when in doubt ask someone who knows
or else you're migration won't be done until Xmass. 

It would be a tremendous help for all newbies and other migrants if 
someone lurking on this maillist went a step further than I did and 
were willing to share the experience.

Get 25MB, POP3, Spam Filtering with LYCOS MAIL PLUS for $19.95/year.

More information about the samba mailing list