[Samba] "inherit acls" only works with "inherit permissions"

FLW Tech Support flwtech at gmail.com
Fri Dec 22 16:47:22 GMT 2006

We are running a fileserver (Samba version 3.0.10-1.4E.9) on CentOS 4.4.

No AD, clients are Windows XP and OS X.

Linux acl's are used for access to directories and files.  Each top-level
folder belongs to a primary group with mode 2770.  The acl's restrict access
to lower level directories.  We need to pass the acl's down the directory
tree or else users may have unexpected access to lower-level subdirectories
if they have access to the top-level directory.

Two problems - "inherit acls = yes" ONLY works if "inherit permissions =
yes" AND all FILES and directories then inherit the execute bit.  We do want
the execute bit set to make directories readable, we do not want to default
on the execute bit on all files.
When "inherit permissions" is not set, then "inherit acls = yes" appears to
have no effect.

Relevant section of smb.conf --

       path = /home/DFT
       writeable = yes
       browseable = no
       create mask = 660
       directory mask = 2770
       inherit acls = yes
       inherit permissions = yes
       valid users = xxx, xxx1

I have tried various other options such as "map acl inherit = yes", "dos
filemode = yes" to no avail.  Setting a default acl for the primary group
has no effect.

Thanks in advance.
Mark Kerman

More information about the samba mailing list