[Samba] ACL set up yet Security Properties not sticking.

[greg at fqdn.com]

Hi,

On a windows client if I attempt to modify the permissions on a file which
resides on a linux server,  when I hit "apply or ok" my changes are lost.

Doing it from the unix cli (using setfacl) works as expected and the
changes are not lost.

Yet on windows if I right click - properties - Security.  select add,  add
a user or group,  hit Apply and the user/group I just added is removed.

ACL support is properly configured as far as I am aware on the linux file
server.

any one  with any idea as to what I should look at,  that would be great,
thanks!

It has been a bummer modifying all the permission change requests by hand.



======================================================
samba is built with ACL support:
smbd -b |grep ACL
   HAVE_SYS_ACL_H
   HAVE_POSIX_ACLS
======================================================
Kernel has ACL support built in as does the file system:
CONFIG_NFS_ACL=y
CONFIG_NFSD_ACL=y
CONFIG_NFS_ACL_SUPPORT=y
CONFIG_REISERFS_FS_POSIX_ACL=y
CONFIG_FS_POSIX_ACL=y
======================================================
mount returns:
/dev/mapper/VG01-LV01 on /export/exec type reiserfs (rw,acl,user_xattr)
=======================================================
if I modify a files ACL from the command line (local to the server) the
changes stick and are viewable on the windows client:
exec:/export/exec/foobar # getfacl complight.jpg
# file: complight.jpg
# owner: greg
# group: users
user::rw-
group::r-x
group:systems_smb:r-x
mask::rwx
other::---

exec:/export/exec/foobar # setfacl -m user:john:rwx complight.jpg
exec:/export/exec/foobar # getfacl complight.jpg
# file: complight.jpg
# owner: greg
# group: users
user::rw-
user:john:rwx
group::r-x
group:systems_smb:r-x
mask::rwx
other::---
=======================================================

The domain is controled by a samba pdc server running version 3.0.8,  all
linux samba servers run in DOMAIN mode.

I'll be glad to provide further information if required.