[Samba] ACLs with samba
Tom Hallewell
hallewellt at rfa.org
Thu Nov 21 21:13:48 GMT 2002
Hi-
I am experiencing some odd behavior with ACLs with winbindd using Samba 2.6
on Debian Woody (kernel version 2.4.18).
1. I am unable to alter permissions from Win2K clients using the
Properties->Security interface. Is this normal? I get the "Unable to save
Permission Changes on new Folder. Access is denied." message. This occurs
with all accounts, both privileged and unprivileged.
2. Permissions set using
setfacl -m u:DOMAIN\USER:rwx
alter the permissions just fine, but do not show up in the
Properties->Security interface.
If I run
chmod DOMAIN\USER.DOMAIN\USER
it shows up.
The permissions show up correctly if a file or directory is created on the
share from a Win client, but cannot be modified once created, and the ACL
info is not seen.
Is this behavior normal, or am I doing something wrong?
Here is the relevant section of smb.conf:
[SHARE]
comment = Blah blah
path = /usr/tmp/share
valid users = @DOMAIN\Group1 @DOMAIN\Group2
public = no
writable = yes
printable = no
create mask = 0770
directory mode = 0770
force create mode = 0770
force directory mode = 0770
Here is the output from
getfacl /usr/tmp/share
getfacl: Removing leading '/' from absolute path names
# file: usr/tmp/BUR
# owner: mpgmover
# group: mpgmover
user::rwx
group::rwx
group:DOMAIN\Group1:rwx
group:DOMAIN\Group2:rwx
mask::rwx
other::---
Any input would be appreciated.
Thanks
Tom Hallewell
Radio Free Asia
Washington DC
More information about the samba
mailing list