[Samba] inherit acls and inherit permissions = execute bit always
Ray Van Dolson
rvandolson at esri.com
Mon Oct 20 21:08:11 GMT 2008
Hi all, I have a share set up as follows:
path = /images
read only = No
create mask = 0660
directory mask = 2770
hide special files = yes
hide files = /lost+found/
acl group control = yes
inherit acls = yes
map acl inherit = yes
inherit permissions = yes
map archive = no
security mask = 0111
When users create files or directories under this share, the ACL's set
at the top level are properly propagated, but the files always seem to
have the execute bit set. I'm guessing this is a side-effect of
inherit permissions per the man page:
"New files inherit their read/write bits from the parent directory.
Their execute bits continue to be determined by map archive, map
hidden and map system as usual."
The files being created have neither archive flag, hidden or system
flag set, so I'm not sure why the execute is getting set unless it is
getting pulled directly from the directory permissions.
I also notice under the inherit acls entry:
"This parameter can be used to ensure that if default acls exist on
parent directories, they are always honored when creating a new file
or subdirectory in these parent directories. The default behavior is
to use the unix mode specified when creating the directory. Enabling
this option sets the unix mode to 0777, thus guaranteeing that default
directory acls are propagated."
So I'm not sure which directive is to blame.
I attempted to use security mask to disable the setting of the execute
bit on any created files, but inherit permissions seems to override
Any suggestions? I want my files created without the execute bit set,
but want to be able to inherit ACL's.
More information about the samba