[Samba] ACLs under Samba 3.3.0

Jeremy Allison jra at samba.org
Fri Jan 30 19:43:04 GMT 2009

On Fri, Jan 30, 2009 at 07:24:34PM +0000, Miguel Medalha wrote:
> Is behavior of ACLs under Samba 3.3.0 (Sernet) completely different from  
> that under version 3.2.7? The release notes only talks about some 
> "fixes".
> I installed version 3.3.0 and got completely different result with the  
> same filesystem and the exact same samba configuration. The ACLs behaved  
> strangely and appeared very different under Windows ACL editor. Users  
> were  now unable to delete the exact same files they had just created in  
> a folder.
> When seen under the Windows ACL editor, the "Delete" permission was  
> unselected. All efforts to activate it failed. Even resetting the  
> permissions on the command line with setfacl did not have any effect. I  
> then reverted to 3.2.7-38 and all was right again, without any  
> modification whatsoever.
> Is this a bug or is it by design? If it is by design, then the release  
> notes really should have warned against such a *huge* difference in  
> behavior...

Much of the ACL code has been rewritten to allow underlying
filesystems to implement "native" NT ACLs directly, but
the functionality should be the same as 3.2.x when not
using the "experimental" ACL modules.

> On the subject of ACLs, is there any documentation available about the  
> experimental vfs modules acl_tdb and acl_xattr?

Not yet, it's on my list of things to document and
discuss in a talk at SambaXP this year.


More information about the samba mailing list