[Samba] samba on a non-active-directory 2k domain plus bestbits ACL suppo rt

Mahoney, Tom tom.mahoney at riaco.com
Fri Mar 15 11:54:02 GMT 2002


I don't know exactly the appropriate list to ask this question in but the
web page gave me the impression this was.
I don't particularly want to subscribe to the list as I can't handle the
volume of messages which I'm not concerned with.
I would just like to be able to ask a question concerning the email subject
and receive ONLY replys to that message. I'm not too familiar with mailman.
So here goes the question.
I have compiled kernel 2.4.17 with the bestbits ea and acl patches applied
succesfully.
I also installed the ea and acl utilities as well as patched fileutils ( I
did use the redhat src.rpm fileutils package. I used all redhat included
patches I could except two at the end which would not allow it to compile. )
Oh and I'm using redhat 7.2 with most recent errata.
I can set and remove acls' from the CLI.
I can also list files with acl's with ls and see the + after the file so my
fileutils rpm works fine.
I also compiled the samba-2.2.3a src.rpm file with the acl's enabled on the
.spec configure line.
I can see the acls' I've set from the CLI from 2k through a samba share but
cannot modify them.
I thought it might be because I hadn't added pam_winbind to /etc/pam.d/samba
but tried that and restarted samba and it didn't work.
I can run wbinfo -u/-g/-t to list users groups and check the secret no
problem.
I can also run getent passwd/group to get a list of unix and domain users or
groups no problem.
The 2K machine I'm trying to modify the ACL's from is on the domain and of
course so is the samba machine.
Under the directory where the samba share points at I have the owner set to
root and the group set to the domain group domain\Domain Admins. I am a
member of Domain Admins and I have it set as my primary group for posix
compliance on the 2K controller. In addtion ALL files under the share path
have ugo set to rwx recursively and yet I still cannot modify the
permissions or add ACL's.
If anyone else has gotten this working then I have to be missing something.

I would appricaited it if anyone could help me by going through things I
could have looked over or missed given what I can do. To be clear I have
RTFM'ed several times and used grep -rl from the samba documentation root
and read everyting which turns up search strings like: "domain, winbind,
wbinfo, ACL, etc..."
Thanks in advance to anyone who can help or push me in the right direction.




More information about the samba mailing list