[Samba] Changing group owner to a group user is not member of
Andrew Morgan
morgan at orst.edu
Mon Apr 30 23:26:35 GMT 2007
On Mon, 30 Apr 2007, Henrik Zagerholm wrote:
> Hi,
>
> I'm using latest samba 3.0.24 on a debian etch box (ext3, acl) in ADS mode
> joined to a W2003 domain.
>
> Everything works fine except when I want to change the group of a file to
> something the user is not member of.
>
> Even if I run the commands as Administrator I can't seem to change to groups
> expect to those that the Administrator is member of.
> This is really annoying as its very inconvenient to have a user member of all
> groups...
>
> Is there some way to change this behavior?
I'm guessing you don't have Administrator mapped to root in unix?
I recently stumbled across the issue you describe in another context, and
found this note in the Solaris manpage for chgrp:
The operating system has a configuration option
_POSIX_CHOWN_RESTRICTED, to restrict ownership changes. When
this option is in effect, the owner of the file may change
the group of the file only to a group to which the owner
belongs. Only the super-user can arbitrarily change owner
IDs, whether or not this option is in effect.
(the option is enabled by default in Solaris).
The linux manpage doesn't list this restriction, but it definitely is in
effect there too.
This seems to be a POSIX restriction, unrelated to Samba. There is a way
to disable it in Solaris, but I don't know of a way to disable it in
linux.
Andy
More information about the samba
mailing list