[Samba] Problem setting ACLs on files/folders... plz help!
Kirk Marple
kirk-public at agnostic-media.com
Fri Jun 25 16:06:31 GMT 2004
This is actually a Mac OS X Server, and we didn't build the kernel
ourselves. It's out of the box the way Apple configures it.
The results of smbd -b | grep -i acl shows: HAVE_NO_ACLS.
That can't be good, can it?
I don't have "nt acl support = yes" in my smb.conf, but that's probably not
gonna help me since HAVE_NO_ACLS is set.
Am I just pretty screwed given the Samba that comes with Mac OS X Server?
Thanks,
Kirk
-----Original Message-----
From: samba-bounces+kirk-public=agnostic-media.com at lists.samba.org
[mailto:samba-bounces+kirk-public=agnostic-media.com at lists.samba.org] On
Behalf Of Prajjwal
Sent: Friday, June 25, 2004 4:53 AM
To: samba at lists.samba.org
Subject: Re: [Samba] Problem setting ACLs on files/folders... plz help!
Hi
Did you build acl support into your kernel?
When you type smbd -b|grep -i acl, what kind of output do you get- you sure
the acl support is compiled in properly into samba?
What kind of output do you get in your samba logs when and before you get
the access denied messages?
Finally, I dont see any "nt acl support = yes" line in your smb.conf
file-- why dont you add it in?
Regards
Prajjwal
Kirk Marple wrote:
> I'm running Samba on a Mac OS X server, and the server is a member of
> a Windows domain (Windows 2003).
>
> Samba is setup for security=domain permissions.
>
> I have opened up a file share to the Windows machines named AppDeployment.
> I'm able to open \\xserve\AppDeployment on a Windows server, and am able
to
> create directories and copy files in there. (Btw, when i attempt to "net
> use" that directory from Windows, I'm required to enter an account
> from the Mac server.)
>
> Even if i login as 'root' on the Mac server when accessing that file
> share, when i try and change the permissions of a folder (i.e. add
> ACLs for a domain user via the Windows property page), I get an error
> dialog saying "Unable to save permission changes on <directory name>".
Access is denied."
> when i try and apply the changes.
>
> any thoughts on what could be going wrong? i'm pretty stuck!
>
> am i going about this the wrong way? basically i want to setup Samba so
i
> can have a file share on the Mac server that is exposed to the Windows
> servers in the domain, and the Windows servers can set ACLs on the
> files/folders using accounts in the domain.
>
> thanks for any help!
> Kirk
>
> --------------------
>
> [global]
> workgroup = <...>
> password server = *
> hide files = .Trashes/Temporary Items/Desktop
> */TheFindByContentFolder/TheVolumeSettingsFolder/.DS_Store/.AppleDouble/
> display charset = UTF-8-MAC
> print command = /usr/sbin/PrintServiceAccess printps %p %s
> lprm command = /usr/sbin/PrintServiceAccess remove %p %j
> security = domain
> guest account = unknown
> encrypt passwords = yes
> printing = BSD
> allow trusted domains = yes
> preferred master = no
> lppause command = /usr/sbin/PrintServiceAccess hold %p %j
> netbios name = xserve
> wins support = no
> max smbd processes = 0
> printcap =
> server string = Mac OS X
> lpresume command = /usr/sbin/PrintServiceAccess release %p %j
> client ntlmv2 auth = yes
> domain logons = no
> lpq command = /usr/sbin/PrintServiceAccess jobs %p
> passdb backend = opendirectorysam guest
> dos charset = CP437
> unix charset = UTF-8-MAC
> socket options = SO_RCVBUF=64240
> auth methods = guest ntdomain opendirectory
> local master = no
> use spnego = yes
> map to guest = Bad User
> domain master = no
> printer admin = @admin, @staff
> log level = 3
>
> [AppDeployment]
> oplocks = 0
> map archive = no
> path = /Volumes/<...>/AppDeployment
> read only = no
> inherit permissions = 1
> strict locking = 1
> comment = macosx
> create mask = 0666
> guest ok = 1
> public = yes
> writeable = yes
> directory mask = 0777
>
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list