RE [Samba] More help on ACL problem please...anyone...anyone...Bueller?

spu at corman.be spu at corman.be
Mon Jan 24 16:03:04 GMT 2005 




Hi,

I think is not a ACL problem, it's a smb.conf share configuration problem,
could you sent a part of your smb.conf which about of this share.

-----------------------------------
Stéphane PURNELLE                         stephane.purnelle at corman.be
Service Informatique       Corman S.A.           Tel : 00 32 087/342467


                                                                           
             "Travis Bullock"                                              
             <tbullock at avmax.c                                             
             a>                                                          A 
             Envoyé par :              "Samba (E-mail)"                    
             samba-bounces+ste         <samba at lists.samba.org>             
             phane.purnelle=co                                          cc 
             rman.be at lists.sam                                             
             ba.org                                                  Objet 
                                       [Samba] More help on ACL problem    
                                       please...anyone...anyone...Bueller? 
             24/01/2005 16:59                                              
                                                                           
                                                                           
                                                                           
                                                                           
                                                                           




Hello,

I am running Fedora Core 2.

Kernel: linux-2.6.5-1.358

Kernel supports ACL:

[root at atlas configs]# grep FS_SECURITY kernel-2.6.5-i686-smp.config
CONFIG_EXT2_FS_SECURITY=y
CONFIG_EXT3_FS_SECURITY=y
CONFIG_XFS_SECURITY=y
CONFIG_DEVPTS_FS_SECURITY=y
[root at atlas configs]# grep XATTR kernel-2.6.5-i686-smp.config
CONFIG_EXT2_FS_XATTR=y
CONFIG_EXT3_FS_XATTR=y
CONFIG_DEVPTS_FS_XATTR=y

Have extended attributes set in /etc/fstab is as follows:

/dev/Goliath/root       /                       ext3    acl,user_xattr  1 1

I have a directory called Planning with ACL permissions assigned via the
setfacl command:

drwxrwx---+  2 root           AVMAX+Planning     4096 Jan 14 09:55 Planning

which looks like this with getfacl:

[root at atlas avamx_shares]# getfacl Planning/
# file: Planning
# owner: root
# group: AVMAX+Planning
user::rwx
group::rwx
group:AVMAX+Domain Users:r--
mask::rwx
other::---

Problem:

If I add my user to the AVMAX+Planning group on my NT DOMAIN PDC there is
no
problem. I can browse to the Planning directory via My Network Places.
However if I remove my account from the AVMAX+Planning group and browse to
the Planning directory it prompts me for a password.  Because my account is
by default a member of the AVMAX+Domain Users and I have configured (i
think) the Planning directory ACL to allow read access to the AVMAX+Domain
Users group.....I should be able to browse this directory without being
prompted for a username and password....

QUESTION:  What did I do wrong or not do at all to make the applied ACL
function correctly and allow all users in the AVMAX+Domain Users group read
acces to the Planning samba share?

Cheers,

Travis

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list