[Samba] Access rights from ACLs not honored when setting file attributes?
Felix Brack (Mailinglist)
fb at ltec.ch
Wed Jun 1 04:31:34 MDT 2011
This is somewhat a reincarnation of a problem I am facing since
upgrading to samba 3.5.6 (3.5.8 is identical).
I use samba on an ext3 ACL enabled file system. Typically a users access
rights are determined by his or her membership in different groups. The
access right is therefore defined and granted by/to the group, not the
user. These groups then appear in the ACL of directories and files
whereby the access is granted.
This system works perfect when creating, modifying and delete files or
directories - no issues at all.
However using the windows function 'SetFileAttributes' fails in case the
user who is connected to the samba server and executes the function is
not either the owner of the file/directory or member of the owning group
of the file/directory. Therefore it looks like samba is ignoring any ACL
entry when using the windows function 'SetFileAttributes'. No matter if
there is an ACE granting the proper access right, samba fails.
Is there a principle difference in how samba interprets access rights
depending on whom (user, primary group membership or ACL) grants them?
Why do file/directory operations such as create/modify/delete work, no
matter how the access right was granted (including from ACL)?
regards Felix
More information about the samba
mailing list