[Samba] [mount.cifs] Mapping Windows ACLs SIDs to POSIX ACL ?

Xavier Roche roche+kml2 at exalead.com
Thu Oct 6 03:40:24 MDT 2011

Hi folks,

This may sound like a really stupid question, but I could not find any 
way to somehow map remote Windows ACLs into POSIX ACLs (mapping users 
and group SIDs to Unix mapped ids) when mounting a remote share 
(mount.cifs) on a Linux box.

Is is something not currently implemented ? The smbcacls tool can show 
the actual ACLs remotely, but this information is not exposed to the 
mounted filesystem apparently. The acl feature of the client seem to be 
an extension to CIFS allowing to handle POSIX ACLs, not something 
allowing a mapping.

Any insightful remark or documentation would be welcome!

[ Note: the only potential issue when mapping would be related to deny 
ACLs (AceType == ACCESS_DENIED_ACE_TYPE) ; something which is not 
mappable to POSIX ACL. ]

More information about the samba mailing list