[Samba] smbmount and posix ACLs

Markus Meissner mlist at meissner.it
Sun Nov 14 14:54:57 GMT 2004


Hi,

I have set up a samba 3.0.7 server with acl-support on an xfs filesystem.
Everything is working as expected from the server/Windows client view. I
can create/modify files, I can see the acls, fine. Now I have a
linux-client which is using the same samba-server. Also here works _nearly_
everything as expected. If the owner or group of the directory/file is
allowed to modify the file, everyting works. 

The problem is that if I want to create/modifiy a directory where the
unix-rights are not sufficient, the operation is not permitted. Example:

On the samba-server (fs):
meissner at fs# getfacl .
# file: .
# owner: root
# group: root
user::rwx
group::rwx
group:mit:rwx
mask::rwx
other::r-x
meissner at fs# groups
... mit ...
meissner at fs# touch a
ls -l
-rw-rw-r--+ 1 meissner Domain Users 0 2004-11-14 15:44 a

OK, now I try this on the linux-client (emc2):
meissner at emc2# getfacl .
# file: .
# owner: root
# group: root
user::rwx
group::rwx
other::r-x
meissner at emc2# groups
... mit ...
meissner at emc2# touch b
german error message: "cannot touch "b", permission denied"

The uids/gids are synced via a global ldap server. Both linux-machines are
Debian 3.1 with samba 3.0.7.

I think that this is a problem of smbmount which doesn't know of the acls on
the server site. How can I make it work? I don't want to set up an
nfs-server for this if it is avoidable and the feeling that my
windows-clients are better supported than the linux ones is ugly =)

-- 
Beste Gruesse / Best regards Markus Meissner



More information about the samba mailing list