[Samba] Bizarre - How did windows user setfacl for a file??

David C. Rankin drankinatty at suddenlinkmail.com
Wed Nov 12 07:46:45 GMT 2008 

Listmates,

	In 8 years, since 2.02 (I think), I have never seen this behavior out of
samba. I run a stand-alone server with WinXP clients. Somehow a legal assistant
created (not intentionally mind you) files and directories with ACL attributes set:

-rwxrwx---+ 1 cyndy ochiltree 21504 2008-10-28 16:48 AUTHORIZATION -
employment.doc*
-rwxrwx---+ 1 cyndy ochiltree 12804 2008-10-28 16:48 AUTHORIZATION -
employment.pdf*
drwxrwx---+ 2 cyndy ochiltree  4096 2008-10-29 16:56 Gregg, Joy/
-rwxrwx---+ 1 cyndy ochiltree 44544 2008-10-28 16:32 POA - BG Contingency New.doc*
-rwxrwx---+ 1 cyndy ochiltree 48309 2008-10-28 16:31 POA - BG Contingency New.pdf*
drwxrwx---+ 2 cyndy ochiltree  4096 2008-10-29 16:51 Roper, Buddy/

	What in the heck? I found the setfacl --remove-all
command that gets rid of this, but I'm still left wondering WTF happened in the
first place? Moreover, how do I configure samba to make sure this never happens
again? My config is:

[global]
  use sendfile = No
  workgroup = rb_law
  server string = Samba Server %v
  printcap name = cups
  load printers = yes
  printing = cups
  show add printer wizard = No
  disable spoolss = yes
  log file = /var/log/samba/log.%m
  max log size = 500
  smb ports = 139
  log level = 1
  time server = yes
  hosts allow = 192.168.7. 192.168.8. 127. 66.76.63.120
  map to guest = bad user
  security = user
  encrypt passwords = yes
  smb passwd file = /etc/samba/smbpasswd
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
   local master = yes
  os level = 80
  domain master = yes
  preferred master = yes
  name resolve order = wins lmhosts bcast
  wins support = yes
   dns proxy = no
[samba]
        comment = Base Samba Share
        path = /home/samba
        valid users = @ochiltree
        force group = ochiltree
        admin users = david
        browseable = Yes
        writeable = Yes
        force create mode = 0770
        force directory mode = 0770

	What do I need to change? Thanks for any help you can give.


-- 
David C. Rankin, J.D., P.E.
Rankin Law Firm, PLLC
510 Ochiltree Street
Nacogdoches, Texas 75961
Telephone: (936) 715-9333
Facsimile: (936) 715-9339
www.rankinlawfirm.com

More information about the samba mailing list