[Samba] "inherit acls" only works with "inherit permissions"
FLW Tech Support
flwtech at gmail.com
Fri Dec 22 16:47:22 GMT 2006
We are running a fileserver (Samba version 3.0.10-1.4E.9) on CentOS 4.4.
No AD, clients are Windows XP and OS X.
Linux acl's are used for access to directories and files. Each top-level
folder belongs to a primary group with mode 2770. The acl's restrict access
to lower level directories. We need to pass the acl's down the directory
tree or else users may have unexpected access to lower-level subdirectories
if they have access to the top-level directory.
Two problems - "inherit acls = yes" ONLY works if "inherit permissions =
yes" AND all FILES and directories then inherit the execute bit. We do want
the execute bit set to make directories readable, we do not want to default
on the execute bit on all files.
When "inherit permissions" is not set, then "inherit acls = yes" appears to
have no effect.
Relevant section of smb.conf --
path = /home/DFT
writeable = yes
browseable = no
create mask = 660
directory mask = 2770
inherit acls = yes
inherit permissions = yes
valid users = xxx, xxx1
I have tried various other options such as "map acl inherit = yes", "dos
filemode = yes" to no avail. Setting a default acl for the primary group
has no effect.
Thanks in advance.
More information about the samba