RES: [Samba] ACLs with Problem

Luis Henrique de Faria Guimarães henrique at
Fri Sep 23 12:39:10 GMT 2005

Hi Greg,
Really, the first step to install filesystem it with support ACL.  It looks at my archive:
LABEL=/                 /                       ext3    defaults,acl    1 1
LABEL=/boot             /boot                   ext3    defaults        1 2
LABEL=/data             /data                   ext3    defaults,acl    1 2
none                    /dev/pts                devpts  gid=5,mode=620  0 0
none                    /proc                   proc    defaults        0 0
none                    /dev/shm                tmpfs   defaults        0 0
/dev/cciss/c0d0p2       swap                    swap    defaults        0 0
/dev/cdrom              /mnt/cdrom              udf,iso9660 noauto,owner,kudzu,ro 0 0
/dev/fd0                /mnt/floppy             auto    noauto,owner,kudzu 0 0

My server samba is integrated with the server windows 2003 (PDC). The server samba is using the users of windows 2003, catching using the way winbind.
When I try to change the permissions of an file of the server samba, in my workstation I appear a message "Denied Access". I perceived that windows also does not obtain to catch the extendidas permissions when I modified for the server linux.
It looks at some parameters of my smb.conf:
nt acl support = Yes
acl compatibility = win2k
acl map full control = yes
acl check permissions = no
acl group control = yes
inherit acls = Yes
profile acls = Yes
map acl inherit = Yes
force unknown acl user = Yes

You can help me?
-----Mensagem original-----
De: Greg Folkert [mailto:greg at]
Enviada em: quinta-feira, 22 de setembro de 2005 13:35
Para: samba at
Assunto: Re: [Samba] ACLs with Problem

On Thu, 2005-09-22 at 11:43 -0300, Luis Henrique de Faria Guimarães
> Hi All,
> I am with problem with the permissions of windows.
> The samba is not getting the ACLs permissions.  I compiled version
> 3.0.20, with the following options:

Well the first thin we need to know, is the filesystem that you are
sharing via samba mounted with the acl option in the /etc/fstab?

Here is what mine looks like and I get the ACLs just fine:

/dev/datavg/examplelv	/lf/db	ext3	rw,suid,nodev,exec,auto,nouser,async,acl,errors=remount-ro	1 1

I guess, I could have done "defaults,acl,nodev" and be-equivalent... but
hey I guess I am a bit retentive.

> # file: teste.txt
> # owner: root
> # group: Domain Users
> user::rwx
> user:henrique:rw-
> group::r--
> mask::rw-
> other::r--
> The user henrique appears in linux, but he does not appear in windows.
> When I try to add permissions through windows appears a message of
> "denied access".
> Somebody can help me

Well, as long as you have the filesystem mounted (assuming it is ext3
with acl support compiled in) with the ACLs turned on... then things
should work.
greg, greg at

The technology that is 
Stronger, Better, Faster: Linux

Use Debian GNU/Linux, its a bazaar thing.

More information about the samba mailing list