[Samba] More help on ACL problem please.
Travis Bullock
tbullock at avmax.ca
Thu Jan 20 20:33:57 GMT 2005
Hello,
I am running Fedora Core 2.
Kernel: linux-2.6.5-1.358
Kernel supports ACL:
[root at atlas configs]# grep FS_SECURITY kernel-2.6.5-i686-smp.config
CONFIG_EXT2_FS_SECURITY=y
CONFIG_EXT3_FS_SECURITY=y
CONFIG_XFS_SECURITY=y
CONFIG_DEVPTS_FS_SECURITY=y
[root at atlas configs]# grep XATTR kernel-2.6.5-i686-smp.config
CONFIG_EXT2_FS_XATTR=y
CONFIG_EXT3_FS_XATTR=y
CONFIG_DEVPTS_FS_XATTR=y
Have extended attributes set in /etc/fstab is as follows:
/dev/Goliath/root / ext3 acl,user_xattr 1 1
I have a directory called Planning with ACL permissions assigned via the
setfacl command:
drwxrwx---+ 2 root AVMAX+Planning 4096 Jan 14 09:55 Planning
which looks like this with getfacl:
[root at atlas avamx_shares]# getfacl Planning/
# file: Planning
# owner: root
# group: AVMAX+Planning
user::rwx
group::rwx
group:AVMAX+Domain Users:r--
mask::rwx
other::---
Problem:
If I add my user to the AVMAX+Planning group on my NT DOMAIN PDC there is no
problem. I can browse to the Planning directory via My Network Places.
However if I remove my account from the AVMAX+Planning group and browse to
the Planning directory it prompts me for a password. Because my account is
by default a member of the AVMAX+Domain Users and I have configured (i
think) the Planning directory ACL to allow read access to the AVMAX+Domain
Users group.....I should be able to browse this directory without being
prompted for a username and password....
QUESTION: What did I do wrong or not do at all to make the applied ACL
function correctly and allow all users in the AVMAX+Domain Users group read
acces to the Planning samba share?
Cheers,
Travis
More information about the samba
mailing list