[Samba] Mac OSX breaking POSIX rights with SMB/CIFS
Michael Gasch
gasch at eva.mpg.de
Thu May 19 09:41:27 GMT 2005
hi list,
we recently saw the following weird behaviour on samba v3.0.13 with
MacOSX panther and tiger as clients
--setup--
[share1]
path = /data
valid users = @admins
force user = administrator
inherit permissions = yes
force create mode = 770
force directory mode = 2770
[share2]
path = /data/folder
valid users = @noadmins
force user = administrator
inherit permissions = yes
force create mode = 770
force directory mode = 2770
where:
/data administrator.admins rwxrwsr-x
/data/folder administrator.noadmins rwxrws---
members of @admins are also members of @noadmins
--setup--
if you connect from MaxOSX (smb/cifs) to share2 and create a file the
file looks like
/data/folder/new.txt administrator.noadmins rwxrwx---
if you connect now from MaxOSX (smb/cifs) to share1 and create a file in
/data/folder the file looks like
/data/folder/new2.txt administrator.*admins* rwxrwx---
even if you modify new.txt and save it it gets this group change
(noadmins->admins) - so nobody from noadmins is able to modify those
files anymore :(
we were able to reproduce this on a windows NT fileserver in the same
setup (of course with equivalent NTFS/share rights)
if you follow this procedure with a windows client everything looks like
it should:
all files/dirs in /data/folder/ get rwxrwx--- (or rwxrws--- for dirs)
and administrator.noadmins as the owners
can you help us? could you please try to reproduce this?
we have to use minimum acls because we use netatalk also which doesn't
understand ext. acls!
thx in advance
--
Michael Gasch
Max Planck Institute for Evolutionary Anthropology
Department of Human Evolution
Deutscher Platz 6
D-04103 Leipzig
Germany
Phone: 49 (0)341 - 3550 137
More information about the samba
mailing list