[Samba] Problem with ACLs/Samba-3.0.0-beta1
José Luis Tallón
jltallon at adv-solutions.net
Wed Jul 9 13:00:18 GMT 2003
I have installed Samba-3.0 beta1 and accomplished a migration from an W2k
mixed mode DC.
Except for some trouble with winbind, with i solved by hacking a bit in the
LDAP directory ( manually assigning UIDs and GIDs ), everything is fine now.
Thanks Samba Team for a good work, keep improving ;)
A couple of weeks ago i asked about ACL support, and was answered that
"full control" was given by an RWX entry in ACLs.
Today, while changing permissions on a file, we have verified that the
capability of giving permission to others over a file is restricted to that
file's owner ( i was told otherwise ).
System: Debian GNU/Linux 3.0 "Woody" + some packages from SID
Kernel: Linux-2.4.21 + LVM1.0.7 + xfs1.2
Samba: Samba-3.0.0.beta1-2 from Debian's 'unstable'
LDAP: OpenLDAP-2.1.21 from Debian's 'unstable'
Additional info: setfacl and getfacl work properly, changing permissions
from windows' "Security" Tab works provided the user changing them is the
object's owner.
Question 1:
How can I make some user have "full control" over a directory or a file (
from the Windows side, if possible ) ?
I can just chown from the Linux side and let the user do things, but that
user won't be able to delegate full control to another user without my
intervention :-|
Question 2:
Is there any workaround for this? Plans to implement it ?
Any information on this would be much appreciated.
I was told there was a patch for Samba-2.2.x that implemented full NT
semantics for Samba, but it has not been ported to Samba-3 (yet?).
Thanks in advance.
Best,
J.L.
More information about the samba
mailing list