[Samba] setfacl fails for some user names and not others

Andi maillist at faerun.fsnet.co.uk
Mon Nov 22 02:08:36 GMT 2004


I'm currently using Samba 3.0.4 with LDAP as a PDC. The PDC is in a 
trusted relationship (both ways) with a Windows NT4 server.

I tried updating to 3.0.7 a short while back but had problems using 
'setfacl' to set permissions for users on the trusted domain - i.e.

 > setfacl -m u:remote-dom+jbloggs:r-x .
setfacl: Option -m: Invalid argument near character 3

Setting permissions for users on the local domain worked OK.

When using 3.0.4, setfacl works OK for users on both domains.

Yesterday, I tried updating to 3.0.9.

My first attempts with setfacl for users on the remote domain failed as 
before. However, when I put the domain part into uppercase the command 
worked - i.e.

 > setfacl -m u:REMOTE-DOM+jbloggs:r-x .

I then tried a few more - some failed, and some worked.
Looking at the output from 'getent passwd', some usernames on the remote 
domain were completely lowercase, others completley uppercase and others 
mixed case (mostly along the lines of 'JBloggs' or 'WebMaster' etc)

I tried various names (long/short, upper/lower/mixed-case) but could not 
see why some names failed and others worked.

I then tried
 > wbinfo -n REMOTE-DOM+jbloggs
which returned the correct SID, and did so for all the names that failed 
  with setfacl.

When I tried the same names under 3.0.4, everything worked fine 
(regardless of the case used for either the domain or username).

Does anybody know if this is a bug in the code?
Any suggestions for other things to try?



More information about the samba mailing list