[Samba]NT ACLs and backup.

David Brodbeck DavidB at mail.interclean.com
Tue Jan 29 12:13:10 GMT 2002 

Currently under Linux ACLs are supported with the ext2 and ext3 filesystems
(with the proper kernel patches, available at http://acl.bestbits.at/), and
xfs.  They're POSIX ACLs, which don't map precisely to NT ACLs but have most
of the same functionality.

The only backup tool I'm aware of that currently supports ACLs is Star,
which is mentioned on that site.  It's possible to work around this with
other tools by backing up the ACLs seperately to a flat file, using getfacl.
This is what I currently do on my system, since the networked backup
software I use is not ACL-aware.

I'm not sure how smbclient's 'tar' option works, but my understanding is
that smbclient does not understand ACLs.

-----Original Message-----
From: Greg Freemyer [mailto:freemyer-ml at NorcrossGroup.com]
Sent: Tuesday, January 29, 2002 2:21 PM
To: David Brodbeck; samba at lists.samba.org
Subject: re[2]: [Samba]NT ACLs and backup.


David,

I'm at the conceptual stage.  I have a dedicated Redhat 7.2 box setup for
testing, but I can change the config/filesystems as required.

I want to build a dedicated "SMB storage and backup" server for our office.
Sort of a NAS device with tape capability.

My goal is to have this box do 3 things:

1) Serve SMB shares with full NT/2000 ACL support.
2) Be able to backup/restore the above on a file by file basis and have the
ACL metadata maintained.
3) Use smbclient with the tar option to backup other SMB servers, and again
be able to maintain the ACL metadata.

For 2) above, I need to understand where the ACL metadata is stored, and
which backup technology will allow it to be restored correctly.

I gather from you comment below, that some Linux filesystems support Linux
ACLs, and with those Samba uses this space to hold the NT ACLs.

Could you tell me which Linux Filesystems do this, and which backup tools
correctly handle the Linux ACL metadata.  (I always use standard permissions
under UNIX/Linux, so I have never had to do worry about them.)

For 3) above, I tried the smbclient from Samba V2.2.1, but when I did the
restore, it did not restore the ACL metadata.  I'm hoping that I either did
something wrong, or that there is a different backup/restore tool that
supports this feature.

Thanks for your help,

Greg Freemyer
Internet Engineer
Deployment and Integration Specialist
The Norcross Group
www.NorcrossGroup.com

More information about the samba mailing list