[Samba] ACLs with samba

Mikko Rautiainen mrautia6 at welho.com
Fri Nov 22 08:54:01 GMT 2002


Hi,

What filesystem are you using? Like ReiserFS doesn't support ACL's but 
ext3 and XFS does.
And is your PDC a win??? or is it a samba PDC?

I have a win2k PDC and samba fileserver and I use Winbind to 
authenticate. I can change
the permissions for files and folders in the PDC or on my desktop. I 
didn't use any force
create modes.

Mikko Rautiainen

Tom Hallewell wrote:

>Hi-
>I am experiencing some odd behavior with ACLs with winbindd using Samba 2.6
>on Debian Woody (kernel version 2.4.18).
>1.  I am unable to alter permissions from Win2K clients using the
>Properties->Security interface.  Is this normal?  I get the "Unable to save
>Permission Changes on new Folder.  Access is denied."  message.  This occurs
>with all accounts, both privileged and unprivileged.
>
>
>2.  Permissions set using
>setfacl -m u:DOMAIN\USER:rwx
>alter the permissions just fine, but do not show up in the
>Properties->Security interface.
>If I run
>chmod DOMAIN\USER.DOMAIN\USER
>it shows up.
>
>The permissions show up correctly if a file or directory is created on the
>share from a Win client, but cannot be modified once created, and the ACL
>info is not seen.
>
>Is this behavior normal, or am I doing something wrong?
>
>Here is the relevant section of smb.conf:
>[SHARE]
>   comment = Blah blah
>   path = /usr/tmp/share
>  valid users = @DOMAIN\Group1 @DOMAIN\Group2
>   public = no
>   writable = yes
>   printable = no
>   create mask = 0770
>   directory mode = 0770
>   force create mode = 0770
>   force directory mode = 0770
>
>Here is the output from
>getfacl /usr/tmp/share
>getfacl: Removing leading '/' from absolute path names
># file: usr/tmp/BUR
># owner: mpgmover
># group: mpgmover
>user::rwx
>group::rwx
>group:DOMAIN\Group1:rwx
>group:DOMAIN\Group2:rwx
>mask::rwx
>other::---
>
>Any input would be appreciated.
>Thanks
>Tom Hallewell
>Radio Free Asia
>Washington DC
>
>
>





More information about the samba mailing list