[Samba] ACL on 3.0.6 ADS

Emir Faisal st1llg0tth3blu3s at yahoo.com.sg
Fri Sep 3 02:26:27 GMT 2004 

hi,
I am trying to run a 3.0.6 on ADS network with
"--with-acl-support" enabled on configure time. I also
compiled the linux kernel 2.4.25 witch acl patch from
http://acl.bestbits.at/.

Samba shares is visible from the network and
vice-versa.

BUT, I can't change the ACL on samba shared files.
I've read the HOWTO to change file permission from:

1. Remote Computer management mmc
Top level share on "Share Permission" and "Security",
failed with error "Changes cannot be saved. Access is
denied".

2. Windows explorer
top level share, failed with error "Unable to save
permission changes on SHARES on machine_name. Access
is denied".
Sub directory, failed with error "Unable to save
permission changes on folder_name. Access is denied".

3. Linux Command line
sub directory changes, success from command line
(using setfacl and chacl) but the changes is not
visible from windows explorer.

the acl setting changes from network is done using the
same account specified on smb.conf's [SHARES].

testparam return:
# testparm
Load smb config files from
/opt/samba-3.0.6/lib/smb.conf
Processing section "[homes]"
Processing section "[printers]"
Processing section "[print$]"
Processing section "[SHARES]"
Loaded services file OK.
'winbind separator = +' might cause problems with
group membership.
Server role: ROLE_DOMAIN_MEMBER
Press enter to see a dump of your service definitions

# Global parameters
[global]
        unix charset = LOCALE
        workgroup = WRKGRP
        realm = FQDN.WRKGRP
        server string = Samba-3.0.6
        security = ADS
        password server = nias
        username map =
/opt/samba-3.0.6/lib/username_map.conf
        use kerberos keytab = Yes
        log level = 5
        syslog = 0
        log file = /var/opt/samba-3.0.6/%m
        max log size = 50
        socket options = TCP_NODELAY SO_RCVBUF=8192
SO_SNDBUF=8192
        preferred master = No
        local master = No
        domain master = No
        wins server = nias
        idmap uid = 10000-20000
        idmap gid = 10000-20000
        template primary group = "Domain Users"
        template shell = /bin/bash
        winbind separator = +
        winbind cache time = 1
        winbind use default domain = Yes
        winbind nested groups = Yes

[homes]
        comment = Home directories on Linux
        path = /home/%D/%U
        valid users = %S
        read only = No
        browseable = No

[printers]
        comment = Samba-Linux print spool
        path = /var/spool/samba
        guest ok = Yes
        printable = Yes
        browseable = No

[print$]
        comment = Printer drivers
        path = /var/opt/samba-3.0.6/lib/drivers
        admin users = root, Administrator
        write list = root

[SHARES]
        comment = Shared directory in Linux
        path = /SHARES
        admin users = EmirF
        read only = No
        guest ok = Yes
#

How to put samba to work with Linux ACL's ?

regards,
EF

=====
rgrds,
EF


		
_______________________________
Do you Yahoo!?
Win 1 of 4,000 free domain names from Yahoo! Enter now.
http://promotions.yahoo.com/goldrush

More information about the samba mailing list