ACL woes
Scott Mann
Scott.Mann at lefthandnetworks.com
Mon Jan 7 13:25:03 GMT 2002
Hi All,
I've got Samba 2.2.2 and a 2.4.14 kernel with XFS and
tools (acl-1.1.3, attr-1.1.3, xfsprogs-1.3.13).
I'm also using winbind to authenticate against a W2K DC.
ACLs seem to work, but attributes (like modify privilege without delete
privilege)
seem not to. If I create a directory on a samba share via W2K
as the domain administrator, I can grant "Full Control" to another
user (say, for example, Guest). The user Guest effectively gets rwx.
However,
for example, if Guest attempts to
take ownership of the directory, it fails with an "access denied" error
message.
The smbd log file reports a chown error message.
None of the other standard W2K/NT attributes work properly. They always
result in a linux rwx-style permission set and attr -l reports nothing
(it
appears that there are no extended attributes).
I've attached my test smb.conf below.
Any help would be greatly appreciated!
Rgds,
Scott
[global]
netbios name = ntauth-53
workgroup = devtest
server string = Resource Server
security = domain
password server = s-devdc
load printers = no
encrypt passwords = yes
username map = /etc/smbusers
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
winbind separator = +
winbind uid = 10000-59999
winbind gid = 10000-59999
winbind enum users = yes
winbind enum groups = yes
[test]
path = /storage/test
comment = test
writable = yes
security mask = 0777
directory security mask = 0777
nt acl support = yes
More information about the samba
mailing list