RE [Samba] Bug? "inherit acls" not working as expected

stephane.purnelle at corman.be stephane.purnelle at corman.be
Fri Jan 4 15:13:43 GMT 2008 

not sure that you are right.

Samba use both unix right and posix acl right.

the directory test1 have unix right that autorise smb-Users to access-it.
And you cancel it with acl entry => the smb-users group have no right.
But you not have default acl entry, if you spec default acl entry with the 
same right that the acl entry, all directory created under test will take 
the value described by default acl entry.
Else take the unix value.





-----------------------------------
Stéphane PURNELLE                         stephane.purnelle at corman.be
Service Informatique       Corman S.A.           Tel : 00 32 087/342467

samba-bounces+stephane.purnelle=corman.be at lists.samba.org a écrit sur 
04/01/2008 15:40:47 :

> Hello
> 
> I'm running Debian Etch with distro kernel & Samba package (2.6.18-5-686
> & 3.0.24-6etch9).
> 
> In my smb.conf I have :
> 
> inherit owner = yes
> inherit permissions = yes
> inherit acls = yes
> 
> 
> I start with a dir test1 with no rights for group smb-Users, rx for
> group smb-Inf, and rwx for group smb-Bme-Fr :
> 
> root at samba1:/mnt/temp # ll
> total 28
> drwxr-xr-x  4 root root       4096 2008-01-04 15:08 .
> drwxr-xr-x  4 root root         29 2008-01-04 14:38 ..
> drwx------  2 root root      16384 2008-01-04 14:37 lost+found
> drwxrwx---+ 2 root smb-Users  4096 2008-01-04 15:25 test1
> root at samba1:/mnt/temp # getfacl test1/
> # file: test1
> # owner: root
> # group: smb-Users
> user::rwx
> group::---
> group:smb-Inf:r-x
> group:smb-Bme-Fr:rwx
> mask::rwx
> other::---
> 
> 
> >From a Windows XP client with a user member of the group smb-Bme-Fr I
> create a dir test2 in dir test1, then I have :
> 
> root at samba1:/mnt/temp # ll test1/
> total 20
> drwxrwx---+ 3 root smb-Users 4096 2008-01-04 15:26 .
> drwxr-xr-x  4 root root      4096 2008-01-04 15:08 ..
> drwxrwx---+ 2 root smb-Users 4096 2008-01-04 15:26 test2
> root at samba1:/mnt/temp # getfacl test1/test2/
> # file: test1/test2
> # owner: root
> # group: smb-Users
> user::rwx
> group::rwx
> group:smb-Inf:r-x
> group:smb-Bme-Fr:rwx
> mask::rwx
> other::---
> 
> 
> The group smb-Users should have no rights on test2, inherited from the
> test1 dir, but it has rwx. A user belonging to smb-Users and smb-Inf has
> rwx access and he should have just rx.
> 
> I'm using XFS on my Samba server, I tried with ext3 with same results.
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list