[Samba] ACL and delete files
Jacob Nielsen
jni at laps.dk
Fri Apr 15 10:38:14 GMT 2005
Hi Peter
Let me show you how it looks like.
I'm doing a copy from a file which is allready present on the fileserver, from my Windows client. This results in:
-rwxrwx---+ 1 fnorgaard Domain_Users 71168 May 29 2002 Copy of straksafvigelseKT.doc
Here is the user credentials:
g-file Produktion # id fnorgaard
uid=1191(fnorgaard) gid=2000(Domain_Users) groups=2000(Domain_Users),2018(Denmark),2026(Frederikssund),2111(RW_ADJ_CC),2112(RW_ADJ_PROD),2115(RW_ADJ_SKAB),2035(RW_Adjuvanter),2034(RX_Adjuvanter)
And the ACLs:
g-file Produktion # getfacl ../.
# file: ../.
# owner: root
# group: Domain_Users
user::rwx
user:skrohn:r-x
group::---
group:RX_Adjuvanter:r-x
group:RW_Adjuvanter:rwx
mask::rwx
other::---
g-file Produktion # getfacl .
# file: .
# owner: root
# group: Domain_Users
user::rwx
group::r-x
group:RX_Adjuvanter:r-x
group:RW_ADJ_PROD:rwx
mask::rwx
other::---
g-file Produktion #
All directories are group-owned by 2000 (Domain_Users) as showned in the acl.
Now here is thefunny stuff. Lets do the same with smbclient:
jni at chandler jni $ smbclient //g-file/BrennTag -W NORDIC -U fnorgaard
Password:
Domain=[NORDIC] OS=[Unix] Server=[Samba 3.0.13]
smb: \> cd Adjuvanter
smb: \Adjuvanter\> cd Produktion
smb: \Adjuvanter\Produktion\> put brenntag.png
putting file brenntag.png as \Adjuvanter\Produktion\brenntag.png (96.9
kb/s) (average 96.9 kb/s)
smb: \Adjuvanter\Produktion\> rename brenntag.png brenntag123.png
smb: \Adjuvanter\Produktion\> rm brenntag123.png
smb: \Adjuvanter\Produktion\>
This works, but why and how?
Do you want more info?
- Jacob
--
.____ __________ _________
| | _____ \______ \/ _____/
| | \__ \ | ___/\_____ \
| |___ / __ \| | / \
|_______ (____ /____| /_______ /
\/ \/ jni at laps.dk \/
+-----------------------------------------------------+
|As far as the laws of mathematics refer to reality, |
|they are not certain; and as far as they are certain,|
|they do not refer to reality. |
+-----------------------------------------------------+
On Fri, Apr 15, 2005 at 12:15:26PM +0200, Peter Kruse wrote:
> Hello,
>
> Jacob Nielsen wrote:
> >Hello list
> >
> >I have the same problem with my Samba-3.0.13. This problem started after
> >upgrading from 3.0.11.
> >
> >I have a rather huge fileserver with 300.000+ files, so this is kindda a
> >big issue for me.
> >
> >Problem is when rename/deleting files, which is basicly not possible.
> >Copying a new file to the same directory is not a problem. Not
> >changeable thou. If you open the file in an editor and save it, it's not
> >a problem either. Very strange.
>
> Thanks for sharing this. I can confirm that this problem exists in
> 3.0.13. There has been a bug report #2521 which was closed although
> there was still one report saying the bug still was there.
> I have several reports of this same behaviour: creating of files work
> but modify/delete doesn't. Is it true the the directory in question
> does not give write permission to the user account but only the
> group the user belongs to?
>
> Regards,
>
> Peter
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba/attachments/20050415/7789fbca/attachment.bin
More information about the samba
mailing list