[Samba] Changing ACLs as administrator
Konkol, Josh
JKonkol at guidemail.com
Tue Jul 30 08:32:02 GMT 2002
I've replied to these question several times in this list.
People need to:
Search the list
Try suggestions from list
Give detailed scenarios of what their problem is
I have this working successfuly.
Josh
> -----Original Message-----
> From: sspitzner at planalytics.com [mailto:sspitzner at planalytics.com]
> Sent: Tuesday, July 30, 2002 10:13 AM
> To: Eddie Lania
> Cc: samba at lists.samba.org
> Subject: Re: [Samba] Changing ACLs as administrator
>
>
>
>
> Eddie,
>
> I am having the exact same problem. I cannot change ACL's
> either from the
> administrator login or the user login. If anyone can give a
> clue as to what is
> going on, I would appreciate it. I am running 2.2.5 with the
> acl code in the
> kernel and compiled with acl.
>
> Thank you
> Sam
>
>
>
>
> "Eddie Lania" <e.lania at elton.nl> on 07/30/2002 09:19:39 AM
>
>
>
>
> To: samba at lists.samba.org
> cc: (bcc: Samuel K Spitzner/Planalytics)
>
> Subject: [Samba] Changing ACLs as administrator
>
>
>
>
> Hello all.
>
> Has somebody found a solution yet?
> I can't figure it out.
> I am beginning to wonder if it might be a bug in samba?
> This is what I have now:
>
> [netlogon]
> comment = Network Logon Service
> path = /home/netlogon
> read only = Yes
> guest ok = Yes
> write list = @"Administrators"
> force group = "+Administrators"
> inherit acls = Yes
> inherit permissions = Yes
>
> [homes]
> path = /home/users/%U
> read only = No
> browseable = No
> inherit acls = Yes
> inherit permissions = Yes
>
> [users]
> comment = Users share
> path = /home/users
> read only = No
> force group = "+Administrators"
> inherit acls = Yes
> inherit permissions = Yes
>
> [profiles]
> comment = User profiles share
> path = /home/profiles
> read only = No
> force group = "+Administrators"
> inherit acls = Yes
> inherit permissions = Yes
> csc policy = disable
> -----
>
> All user directories and files in [users] and [profiles] are
> owned by the
> "user", their group has been set to Administrators and user and group
> permissions are set to rwx for directories and rw for files.
>
> The world permissions have been set to none because I want
> only the "user"
> or the Adminstrator equiv to be able to access the directories in the
> [users] or the [profiles] share.
>
> When I check the acls and permission from a logged-in windows
> XP client
> verything looks really good.
> No errors.
>
> So far so good......but then:
>
> When a user creates a new file or directory, it should
> inherit it's acl and
> permissions from the parent directory, this doesn't work,
> currently the
> owner and group get set to the user itself.
>
> If an Administrator equiv creates a new file or directory, I
> would like it
> to be set to a default acl where the group should be at least
> "Administrators" and, if needed, I would like to change the
> owner later.
> With the "force group" parameter set to "+Administrators"
> this works almost
> ok, the groups get set well but I get a "permission denied"
> when I try to
> change the owner of the directory.
>
> In order to be able to succeed in changing the ownership:
> I also have been playing with the "username map" file but
> when I add a line
> there like:
> root = @"Administrators"
> then the result is that the Administrator equiv is being
> logged in as root
> at login time, and still isn't able to change the ownership
> of an file or
> directory.
>
> I also tried the "admin users = @"Administrators" in the
> service section but
> this doesn't work either.
>
> So, I am out of options now.
>
> I hope that some other list member can give me the right solution.
> Or maybe one of the members of the samba team?
>
> Thank you for any reply.
>
> Eddie.
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: http://lists.samba.org/mailman/listinfo/samba
>
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: http://lists.samba.org/mailman/listinfo/samba
>
More information about the samba
mailing list