[Samba] ACLs fail in 3.0.23d
jens.nissen at gmx.net
Tue Jan 30 15:13:51 GMT 2007
OK - I managed to track down the bug inside Samba, but I have no easy way to work around it.
The dynamic mapping of vfs acls inside Samba does not seem to work.
See the following sequence in posix_acls.c in function get_nt_acl:
* Get the ACL from the path.
posix_acl = SMB_VFS_SYS_ACL_GET_FILE(conn, fsp->fsp_name, SMB_ACL_TYPE_ACCESS);
/// My Workaround
/// posix_acl equals 0 here
/// posix_acl is something else than 0 here
/// End My Workaround
While SMB_VFS_SYS_ACL_GET_FILE returns a Null-Pointer, the call afterwards to acl_get_file does return a ACL description which is non-zero.
So the vfs-wrapper code fails, even though smbd is obviously linked to the correct ACL 1.0 library (as acl_get_file can be found inside libacl).
How can I work around this? It would be horrible, if I had to find all wrapped library code and replace it by something hard-wired.
-------- Original-Nachricht --------
Datum: Tue, 30 Jan 2007 11:44:18 +0100 (MET)
Von: Jan Engelhardt <jengelh at linux01.gwdg.de>
An: Jens Nissen <jens.nissen at gmx.net>
Betreff: Re: [Samba] ACLs fail in 3.0.23d
> >One question: how does Samba find out, that ACLs are activated?
> I suppose the only sane way is to try calling functions from libacl. If
> they fail unreasonably, then the fs does not support ACLs.
> >>> Whenever I try to read or modify ACLs from my Windows 2000 PDC, my
> >>> Domain Member Server (Security = ADS) does not allow setting ACLs, nor
> >>> does it display the existing ACLs.
> >> Does it at least enforce them?
> >What does "enforce" mean?
> chmod 600 file
> setfacl -m u:otheruser:rwx file
> should give otheruser write permissions on the file, even if Windows
> does not get ACLs right (e.g. W98, which does not know ACLs at all).
> >But I am missing something like --WITH-ACL:
> smbd -b shows defines, not configure options.
> ft: http://freshmeat.net/p/chaostables/
Der GMX SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu sparen!
Ideal für Modem und ISDN: http://www.gmx.net/de/go/smartsurfer
More information about the samba