[Samba] Samba Posix ACL and classical files permissions

Albe k3rmit at libero.it
Wed Jan 4 23:41:03 GMT 2006 

With "no ACL present" i meant that no acl entries are stored for that  
directory (besides the normal posix triade).

Just the three classical POSIX entries. This is the normal case for  
newly created directory under linux samba host, for example.

Anyway, to make it short, what's the point of showing three empty  
entries under windows security panel (when those entries do have  
permissions set)?
i just wondered why it has to be like this since i find it very  
counterintuitive to the user.
It should just be like: if a permission entry (of any nature) does  
exist and has a meaning, list it and show the right flags; otherwise  
do not list them.
What is shown in the security panel should have a precise meaning in  
terms of coherency with the file or directory permissions and user  
interface.

I hope to have explained myself better.


Albe



Il giorno 04/gen/06, alle ore 20:46, Gerald (Jerry) Carter ha scritto:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Albe wrote:
>
>> Well, when i first installed samba without POSIX ACLs,
>> it simply showed the classical rwx permissions of the
>> owner, group and others  as the corresponding permissions
>> in the "allow" column of the security panel.
>>
>> I would suggest to consider ACLs if present, otherwise
>> to show the classical permissions, which i think reflects
>> the real behavior in linux.
>
> Hmmm...but in your original post, you posted an ACL on
> a directory.  So what do you mean by no ACL present?
> If you enable acls in smbd, smb.conf and when mounting
> the fs, ACLs are present.
>
> If you mean, no default named mask for the owner,
> how can you tell between a file that has not had such
> an ACE assigned and one that has had the ACE explicitly
> removed?
>
> Sorry, but what you are asking for is too ambigous.  If
> you want ACLs, you have to deal with the Windows security
> model which distinguishes between an ACE that applies
> to the folder itself and one that applies to any entries
> within the folder.  I don't see any way around this.
>
>
>
>
> cheers, jerry
> =====================================================================
> Alleviating the pain of Windows(tm)      ------- http://www.samba.org
> Centeris                         -----------  http://www.centeris.com
> "There's an anonymous coward in all of us."               --anonymous
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.2 (MingW32)
> Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
>
> iD8DBQFDvCYDIR7qMdg1EfYRAuJ+AJ4+OcwZAkS3dOYwBMoIpF0u6gNSYwCgpOVR
> k3AIjSviJc61j4O/5/NJEyk=
> =FRWQ
> -----END PGP SIGNATURE-----

More information about the samba mailing list