[Samba] Re: FreeBSD 5.0 + ACLs

Chris de Vidal cdevidal at yahoo.com
Mon Feb 3 18:26:45 GMT 2003 

--- Adam Smith <adam.smith at sageautomation.com> wrote:
> > The next step (and what you're probably missing)
> is
> > compiling samba --with-acl-support (or something
> like
> > that.. do ./configure --help | grep -i acl).  I
> > tweaked a .spec file in a SRPM and you might have
> to
> > edit your port's Makefile or something.
> 
> I installed Samba from the ports with a make
> install.  The configuration
> screen

? A screen?  We don't have those niceties in Linux. 
Still, I can recompile SRPMs and install the resulting
RPM on our file servers with ease; compile once,
install anywhere (:  I believe *BSDs use a
compile-on-the-server method, which seems more time
consuming.  It's all about choices (:

> allowed me to select ACLs, but to be safe, I
> recompiled it and
> reinstalled it manually with a 'make
> --with-acl-support.'

Good.

> The output from mount says:
> /dev/ar0s1g on /data (ufs, local, acls)

Good.

> > We also had to install acl/libacl/libacl-devel and
> > attr/libattr/libattr-devel (e.g. binaries,
> libraries,
> > and development headers+includes) packages in
> order to
> > compile.
> 
> I did a quick search on freebsd.org and Google but
> found nothing
> extremely helpful :/

If the ./configure script showed that ACLs were turned
on, you're good.  I believe there's a log that
./configure generates that you can grep.. perhaps its
called configure.log?  Anyway,
grep -ir acl /path/to/samba/sources/after/compilation
| less
and look around for something that looks like the
output of configure, that has something like
"Configuring with acl extensions..."

> Am I supposed to be able to modify 'extended' ACLs
> on the UFS2 file system?

We use get/setfacl in Linux.. it might be the same for
you.  Perhaps you should man -k ufs2 or man -k acl and
see what you can find about getting and setting ACLs.

The finished result would be that you'd be able to add
multiple groups to a file's permissions from Windows
Explorer.  Works here.

> Something could be wrong with it.  Whenever I do an
> 'ls -la'  I get the
> following results:
> 
> ls: ./.: Operation not supported
> drwxrwx---  10 root     administration     512 Jan
> 29 11:08 .
> ls: ./..: Operation not supported
> drwxr-xr-x  12 root     wheel              512 Jan
> 29 16:28 ..
> ls: ./Accounts: Operation not supported
> drwxrwx---   3 root     administration     512 Jan
> 29 09:02 Accounts
> ls: ./Accounts Payable: Operation not supported
> drwxrwx---   4 root     administration     512 Jan
> 29 08:36 Accounts
> Payable
> ls: ./Finance: Operation not supported
> drwxrwx---  26 root     administration    1536 Jan
> 29 08:37 Finance
> 
> 
> Every directory brings that up.  It is the -l option
> causing the
> problem.  A normal 'ls' on its own doesn't display
> these errors.

This is a different problem.  I had to install a
specially-modified fileutils package, which included
ls and a few other ACL-enabled binaries.

After installing it, I noticed ls -l showed a plus
sign after the permissions for files on ACL-enabled
partitions.  Most likely your "standard" ls is reading
the extra ACL attributes when it says "not supported."

I also got the fileutils package from acl.bestbits.at.
 I think read about it in "Teach Yourself Samba in 24
Hours," which is about the most up-to-date source of
Samba information available right now (AFAIK), and
contains topics like Winbind, ACLs, and Windows PDC
replacement (:

Good luck,
/dev/idal

__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com

More information about the samba mailing list