[Samba] Samba 3.0 acl problems

Sandor Feher sfeher at bluesystem.hu
Sat Oct 11 09:55:39 GMT 2003 

Hi folks,

I have set up a samba-3.0 compiled with-acl-support on a Red Hat 9
with 2.4.21 patched with acl and extra attribs, ext3 filesystem
mounted acl,user_xattr. I use win2k to set up acls.
Samba acting as a pdc this part works fine. I'd like to set up the
samba as a pdc of 350+ nodes mixed win98 and win2k and I'd like to use
acls on it.

The problems are the following:

If I add a user to let him to write into a particular folder then it
seems samba grants him the all permissions exist. There is a special
need that user should create a file can modify but deleting is not
allowed.  It seems that some combination of the settings work others
not. If there is another version of samba (recent one) which works
good with acls it also good for me.

Here is the relevant part of my config:

[global]
   workgroup = TEST
   security = user
   server string = Test Samba 3.0
   printcap name = /etc/printcap
   load printers = yes
   printing = cups
   log file = /var/log/samba/%m.log
   debuglevel = 3
   acl compatibility = Auto
   max log size = 10000
   encrypt passwords = yes
   smb passwd file = /etc/samba/smbpasswd
   unix password sync = Yes
   passwd program = /usr/bin/passwd %u
   passwd chat = *New*password* %n\n *Retype*new*password* %n\n
*passwd:*all*authentication*tokens*updated*succ
   pam password change = yes
   obey pam restrictions = yes
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
   remote announce = 192.168.1.255
   local master = yes
   domain master = yes
   preferred master = yes
   domain logons = yes
   logon script = %U.bat
   logon path = \\%L\Profiles\%U
   wins support = yes
   dns proxy = no

[tmp]
  comment  = test folders
  path = /home/tmp
  browseable = yes
  writeable = yes
  create mask = 0700
  directory mask = 0700
  directory security mask = 0700
  admin users = TEST\Administrator



Thanks., Sandor


-- 
...Fehér Sándor...            ---    ....Sandor Feher.... 
 fejlesztési vezető           ---     development manager
 Blue System Kft.             ---      Blue System Ltd.

        mailto:sfeher at bluesystem.hu  http://www.bluesystem.hu

More information about the samba mailing list