[Samba] Manage ACL.
Meli Marco
Marco.Meli at gknsintermetals.com
Fri May 13 13:46:07 GMT 2005
Hi,
I'm working with samba-3.0.13-1 connect to W2k3, attr-2.4.19 and
acl-2.2.27-1.
I have the following smb.conf file settings:
[global]
netbios name = NETBIOS_NAME
os level = 16
wins server = XXX.XXX.XXX.XXX
socket options = IPTOS_LOWDELAY TCP_NODELAY SO_KEEPALIVE
workgroup = DOMAIN
realm = REALM.COM
security = ADS
password server = kdc.realm.com
encrypt passwords = yes
allow trusted domains = Yes
winbind use default domain = No
winbind separator = /
winbind enum users = Yes
winbind enum groups = Yes
idmap uid = 10000-40000
idmap gid = 10000-40000
template shell = /bin/false
use sendfile = Yes
printer admin = x
admin users = x
log file = /var/spool/samba/log.%m
log level = 1 auth:10 sam:10
max log size = 50
printcap name = cups
disable spoolss = No
show add printer wizard = Yes
printing = cups
load printers = yes
map acl inherit = yes
nt acl support = yes
[data]
comment = DATA repository
path = /data
writeable = Yes
create mask = 0750
force create mode = 0030
security mask = 0750
force security mode = 0000
directory mask = 07500
force directory mode = 0000
directory security mask = 0750
dos filetimes = yes
hide unreadable = Yes
Below data share there's the following structure, I use only AD users and
groups not local accounts:
/data/ root root group:domain users:r-x
/user/ root root group:domain users:r-x (inherited)
/user1 root root user:user1:rwx
/user2 root root user:user2:rwx
/user ... root root user: ...
The finaly result is every user can only read and write in theirs directory,
but instead they can't see theirs directory.
Before I was connected to NT-server using samba-3.0.7 and all works fine,
whats different in this release?
Thanks.
Marco.
More information about the samba
mailing list