ACL woes
Gerald (Jerry) Carter
jerry at samba.org
Tue Jan 8 05:42:02 GMT 2002
On Mon, 7 Jan 2002, Scott Mann wrote:
> Hi All,
>
> I've got Samba 2.2.2 and a 2.4.14 kernel with XFS and tools
> (acl-1.1.3, attr-1.1.3, xfsprogs-1.3.13). I'm also using winbind to
> authenticate against a W2K DC.
>
> ACLs seem to work, but attributes (like modify privilege without
> delete privilege) seem not to. If I create a directory on a samba
> share via W2K as the domain administrator, I can grant "Full Control"
> to another user (say, for example, Guest). The user Guest effectively
> gets rwx. However, for example, if Guest attempts to take ownership of
> the directory, it fails with an "access denied" error message. The
> smbd log file reports a chown error message.
>
> None of the other standard W2K/NT attributes work properly. They
> always result in a linux rwx-style permission set and attr -l reports
> nothing (it appears that there are no extended attributes).
You are seeing expected behavior. See
ftp://ftp.samba.org/pub/samba/slides/samba-acls.ag.ps.gz
For a tutorial on POSIX ACLs.
chau, jerry
---------------------------------------------------------------------
Hewlett-Packard http://www.hp.com
SAMBA Team http://www.samba.org
-- http://www.plainjoe.org
"Sam's Teach Yourself Samba in 24 Hours" 2ed. ISBN 0-672-32269-2
--"I never saved anything for the swim back." Ethan Hawk in Gattaca--
More information about the samba
mailing list