[Samba] posix acls vs unix groups and nt acls

Collen collen at zeist.hermanjordan.nl
Thu Apr 21 06:56:35 GMT 2005

Well you can use posix acl's, but it's not 100% wind0ws compatible.
you can only set the read, write and execute bits...
(not the modify or other special wind0ws things..)

to use the acl's be sure you have the acl lib's installed..
also be sure your partition/filesystem uses acl (set in the /etc/fstab)

and 3th, your kernel need to be vuild with it, all mayor distro's have 
nowday's so i don't think it would be a problem.. (it's standard with th 
2.6.XXXX kernels is think)

next, compile samba with acl set (./configure --with-acl-support)
make & make install, and your done

this is just a really short howto, but look at


for more info on the samba & acl...

Have fun.

if you did those 3 things

David Bear wrote:
> I'm looking for info on using posix acls in samba. I'd like them to
> look and feel like nt acls. I'd like to use the windows client to set
> the acls on the samba server. I've got the official samba 3 howto
> book, but can't seem to figure things out from there.
> specifically, in the past I've used a force group entry in combined
> with create modes to keep shared files access to specific groups. I'd
> like to see where posix acls might fit in here since I could
> theoretically have a group of 'creators', a separate group of
> 'viewers', and a third group with 'read-write-delete' permissions.
> any good writups on this? I'm using samba 3.x and redhat enterperise
> ws 4 -- kernel 2.6.9-5 and samba-3.0.10-1.4E.

More information about the samba mailing list