[Samba] ACLs with samba
Mikko Rautiainen
mrautia6 at welho.com
Fri Nov 22 08:54:01 GMT 2002
Hi,
What filesystem are you using? Like ReiserFS doesn't support ACL's but
ext3 and XFS does.
And is your PDC a win??? or is it a samba PDC?
I have a win2k PDC and samba fileserver and I use Winbind to
authenticate. I can change
the permissions for files and folders in the PDC or on my desktop. I
didn't use any force
create modes.
Mikko Rautiainen
Tom Hallewell wrote:
>Hi-
>I am experiencing some odd behavior with ACLs with winbindd using Samba 2.6
>on Debian Woody (kernel version 2.4.18).
>1. I am unable to alter permissions from Win2K clients using the
>Properties->Security interface. Is this normal? I get the "Unable to save
>Permission Changes on new Folder. Access is denied." message. This occurs
>with all accounts, both privileged and unprivileged.
>
>
>2. Permissions set using
>setfacl -m u:DOMAIN\USER:rwx
>alter the permissions just fine, but do not show up in the
>Properties->Security interface.
>If I run
>chmod DOMAIN\USER.DOMAIN\USER
>it shows up.
>
>The permissions show up correctly if a file or directory is created on the
>share from a Win client, but cannot be modified once created, and the ACL
>info is not seen.
>
>Is this behavior normal, or am I doing something wrong?
>
>Here is the relevant section of smb.conf:
>[SHARE]
> comment = Blah blah
> path = /usr/tmp/share
> valid users = @DOMAIN\Group1 @DOMAIN\Group2
> public = no
> writable = yes
> printable = no
> create mask = 0770
> directory mode = 0770
> force create mode = 0770
> force directory mode = 0770
>
>Here is the output from
>getfacl /usr/tmp/share
>getfacl: Removing leading '/' from absolute path names
># file: usr/tmp/BUR
># owner: mpgmover
># group: mpgmover
>user::rwx
>group::rwx
>group:DOMAIN\Group1:rwx
>group:DOMAIN\Group2:rwx
>mask::rwx
>other::---
>
>Any input would be appreciated.
>Thanks
>Tom Hallewell
>Radio Free Asia
>Washington DC
>
>
>
More information about the samba
mailing list