[Samba] Re: Getting ACLs to work with Samba 3.0.2a

paul k paul at subsignal.org
Fri Mar 12 01:09:14 GMT 2004

Hello Michael, hello list.

I have similar problems getting ACL's to work with samba. So far I have 
found out the following:

Suse (SLES8) with suse kernel 2.4.19, samba 3.0.2a from sernet.de (all 
tests John mentioned below succeeded) and reiserfs and xfs as filesystems.

Gentoo with kernel 2.6.0 and samba 3.0.2 self compiled with xfs as 

One additional difference is that Setup2 is the PDC with LDAP backend 
and Setup one has joined the domain as member server (interestingly I 
see <netbiosnameofserver>/<username> instead of <domainname>/<username> 
from the permissions tab).

Setup1 can:
-access all shares as expected.
-create files and directories with normal permissions from explorer.
-delete additional groups/users through explorer.
-add/delete additional groups/users with setfacl.

Setup1 cannot:
-add additional groups/users to files/folders through explorer.
-newly created files do not inherit additional groups/users.

Setup2 can:
-hmm, everything is just fine ;)

seems like the old suse kernel doesn't play well with ACL's.


BTW: Is there any document/ table describing how NT acl's map to POSIX 

More information about the samba mailing list