[Samba] Samba - NT ACL implemented by Unix Posix ACL via Samba
Gerald (Jerry) Carter
jerry at samba.org
Mon Feb 28 15:43:04 GMT 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Juer Lee wrote:
| 1. Why Samba always think the owner always
| has 'READ' access right on a file, 'READ and WRITE' access
| rights on a directory? I checked the code of
| posix_acls.c, those bits are OR-ed by default
It was a workaround for some empty nttrans_set_security_descriptor()
requests IIRC. Mostly had problems with profiles becoming
unusable.
| 2. Try to create a folder via the Samba
| Win2k client(make sure there are only base permissions
| on it - no any ACLs), right click on the folder and go
| to 'Security' tab, choose the owner in the name table,
| tick some check-boxes in column 'Allow' and
| click 'Apply', you will see two more entries 'CREATOR OWNER'
| and 'CREATOR GROUP' are displayed - I understand this
| is caused by that the default ACLs are created.
| ut why the default ACLs for the owner is NOT created??
| The default ACLs can only be created when the
| former steps are repeated.
If I understand your question correctly, it is because Samba
only translates the acls as they exist on disk. You can
setup the default acls from a shell prompt if you like.
cheers, jerry
=====================================================================
Alleviating the pain of Windows(tm) ------- http://www.samba.org
GnuPG Key ----- http://www.plainjoe.org/gpg_public.asc
"I never saved anything for the swim back." Ethan Hawk in Gattaca
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCIzwHIR7qMdg1EfYRAv+BAJ4hWjAvMlVGM8Vp89l3FIQLFBd8ywCfdCE8
qYbhIRHEYjY1oUWVI1Ifaas=
=5jPt
-----END PGP SIGNATURE-----
More information about the samba
mailing list