[Samba] [samba] Linux acls problem with windows 7 and vista

sisu . npillao at hotmail.com
Mon Jan 24 17:02:37 MST 2011 

Hei all,
Today I upgraded my samba which was a really old version 3.0.33 (I know)  to 3.5. The upgraded seemed alright  since I realize that I got a problem with the linux acls, I wanna say that I only have this problem with windows 7 and Vista, however windows xp works alright
To try to be concreted I will try to expose the problem with an example, the point is that I have a directory called 'shared', which is set as:
[shared]    comment =  Shared directory    path = /samba/shared    read only = no    force create mode = 0770    force directory mode = 0770    force group = root    locking = no    oplocks = no    veto oplock files = /*.txt/
and the acl's I set are the following:
 getfacl shared/
# file: shared# owner: root# group: rootuser::rwxgroup::---group:company:r-xgroup:helpdesk:r-xgroup:sysadmin:r-xgroup:tech:r-xmask::rwxother::---default:user::rwxdefault:group::---default:group:company:rwxdefault:mask::rwxdefault:other::---
I have an user called user1 who has "company" as a primary group, and I have a user2 who has "company" as a primary group and sysadmin as  secondary group. The fact is that the user2 is able to get on the shared directory and user1 not, but if I set the user1 on the tech group then this user1 is able to get on the directory. weird huh?
So weird ! I spent a lot of time with it and I'm not able to find out what is going on :( I thought even that it could be a bug but I didn't find any case exactly like that.
The only suspicious line I fond in may samba log are:
[2011/01/24 16:27:11.098007,  3] smbd/sec_ctx.c:418(pop_sec_ctx)  pop_sec_ctx (1030, 0) - sec_ctx_stack_ndx = 0[2011/01/24 16:27:11.098046,  3] smbd/error.c:80(error_packet_set)  error packet at smbd/error.c(160) cmd=162 (SMBntcreateX) NT_STATUS_ACCESS_DENIED[2011/01/24 16:27:11.098107,  3] smbd/process.c:1485(process_smb)  Transaction 39 of length 114 (0 toread)[2011/01/24 16:27:11.098124,  3] smbd/process.c:1294(switch_message)  switch message SMBntcreateX (pid 10278) conn 0x2b841d0f2200[2011/01/24 16:27:11.098139,  4] smbd/uid.c:257(change_to_user)  change_to_user: Skipping user change - already user
I will appreciate so much any help !!!
c u !

More information about the samba mailing list