[Samba] XP Administrator has no access to shares

Gémes Géza geza at kzsdabas.hu
Tue Aug 21 06:51:04 MDT 2012


2012-08-21 10:32 keltezéssel, steve írta:
> On 20/08/12 21:17, Gémes Géza wrote:
>> 2012-08-20 11:09 keltezéssel, steve írta:
>>> On 20/08/12 10:45, steve wrote:
>>>> On 20/08/12 09:42, Gémes Géza wrote:
>>>>
>>>> setfacl -R -m u:Administrator:rwx,d:u:Administrator:rwx /home2/home
>>>
>>> Hi Géza
>>> Sorry to be a pain but there is a slight problem with the acl
>>>
>>> All folders under /home2/home now have e.g.:
>>> drwxrwxr-w+ 20 steve2 domain users
>>>
>>> and files have:
>>> -rw-rwx---+ steve2 domain users
>>>
>>> which means somehow, group rw has been set for everything:
>>>
>>> steve at hh32:/home2> getfacl home
>>> # file: home
>>> # owner: root
>>> # group: root
>>> user::rwx
>>> user:administrator:rwx
>>> group::r-x
>>> mask::rwx
>>> other::r-x
>>> default:user::rwx
>>> default:user:administrator:rwx
>>> default:group::r-x
>>> default:mask::rwx
>>> default:other::r-x
>>>
>>> Is there a way to correct this?
>>> Cheers,
>>> Steve
>>>
>>>
>> Hi
>>
>> If I understand your problem you didn't like the fact that the group
>> domain users have write and read rights, isn't it?
>>
>> You can change those rights with setfacl for example.
>>
>> Regards
>>
>> Geza Gemes
>
> Hi Géza
> Actually this works. It denies group rw access _even though_ in a file 
> listing with ls -l files show as:
>
> Set the acl like you suggested:
> setfacl -R -m u:Administrator:rwx,d:u:Administrator:rwx /home2/home
>
> Files now appear like this:
> -rwxrwx--x+
> It looks as though they are group rw
>
> but in actual fact, they behave like this:
> -rwxr-x--x
>
> Conclusion: Don't believe what the file listing shows. It doesn't 
> seeem to be wysiwyg. The only way you can really see access rights is 
> to do a getfacl.
> Does that seem OK? Does anyone else observe this?
>
> Cheers,
> Steve
Yes, this is expected behavior.

Regards

Geza Gemes


More information about the samba mailing list