[Samba] Samba + OpenLDAP + ACL patch on Linux 2.4.18 problems.
Erik Enge
eenge at prium.net
Thu Jul 18 14:01:12 GMT 2002
Hi, all.
I compiled Samba 2.2.5 (on Linux) with these optinos:
--with-smbmount --with-acl-support --with-ldapsam
The compilation went fine and everything seems to be working except for
the ACL part.
I've applied the ACL patch for Linux 2.4.18 (from acl.bestbits.at) and
installed all the tools to go with it. That part works:
root at madrid# getfacl /tmp
getfacl: Removing leading '/' from absolute path names
# file: tmp
# owner: root
# group: root
user::rwx
group::rwx
other::rwx
Now, when starting Samba and logging in with a user that owns
/tmp/file-a, I would expect to be able to add groups and users to that
file's ACL as I would do in NT normally.
However, when I try to add users and/or groups, I get an error dialog
that says "Access Denied" (this is Windows NT Workspation, SP6).
After some looking into, it seems that Samba is still only honoring the
traditional owner-group-other Unix permissions, and is not aware of the
ACLs. I draw this conclusion from the fact that this file:
root at madrid# getfacl /tmp/testing-acls/b-file
getfacl: Removing leading '/' from absolute path names
# file: tmp/testing-acls/b-file
# owner: administrator
# group: tty
user::rw-
group::r-x
group:tty:r-x
group:pri:r-x
mask::rwx
other::---
in the NT Security Tab window shows only "administrator", "Everybody"
and "tty" as having permissions to the file. The group "pri" isn't even
mentioned.
More information about the samba
mailing list