[Samba] getfacl returning strange active directory group name SLES11

Michael Wood esiotrot at gmail.com
Fri Dec 7 06:19:21 MST 2012


On 7 December 2012 09:54, Axel Werner <mail at awerner.homeip.net> wrote:
> Dudes, realy ?!?! No one here KNOWS what that numbers are about ?!? No one
> else got this behavior wiht "getfacl" ?

The octal value 134 is decimal 92 which corresponds to ASCII character "\".

i.e. this is just getfacl's way of writing a backslash.

> Am 29.11.2012 12:00, schrieb Axel Werner:
>
>>
>> Hi SAMBA Gurus,
>>
>> this question does not realy match SAMBA, but its somehow related and i
>> was not able to find some sattisfying answer yet anywhere else. So im
>> hopeing for some expert here who may knows this.
>>
>> I described my case in a SLES Forum at:
>>
>>
>> https://forums.suse.com/showthread.php?2046-getfacl-returning-strange-active-directory-group-name-SLES11
>>
>>
>> Given:
>>
>> SLES 11 SP1 with SAMBA/Winbind joined to Active Directory "AD" using AD
>> Role Groups in ACLs on ext3 Filesystem
>>
>> Im playing around with Linux Filesystem ACLs on a ext3 FS but using
>> Active Directory (AD-)Users and AD-Groups for access controll to files
>> and folders, thanks to winbind this is.
>>
>> While i have to use "setfacl" just the way its been described in the man
>> page using properly formed "AD\adgroupname" and "AD\adusername" syntax,
>> the "getfacl" however returns ALWAYS something strange i was not able to
>> find something matching on the internet nor the man page nor the suse
>> manuals.
>>
>> See this output :
>>
>> ~~~~~~~~~~~~~~~~~~~~~~~~~
>> hostname:/tmp # getfacl -p /data1/testing-acls/
>>
>> # file: /data1/testing-acls/
>> # owner: root
>> # group: root
>> user::rwx
>> user:someLocalLinuxUserName:rwx
>> user:AD\134someAdUserName:rwx
>> group::rwx
>> group:AD\134rol-grp-access-control-rw:rwx
>> mask::rwx
>> other::---
>> default:user::rwx
>> default:group::rwx
>> default:group:AD\134rol-grp-access-control-rw:rwx
>> default:mask::rwx
>> default:other::---
>>
>> hostname:/tmp #
>> ~~~~~~~~~~~~~~~~~~~~~~~~~
>>
>> As you can see, local Linux-Users and Groups (not shown here but been
>> tested) will be shown correctly and as expected. AD Users and AD Groups
>> however contain some strange "number" after the Domain Prefix and the
>> before the AD-Group- or AD-Username.
>>
>> Anyone here KNOWS what this is and why its there?
>>
>> i compared this to some ancient debian 5 installation that we had laying
>> around. NOT joined to an AD but also runs some old SAMBA as a primary
>> domain controller. There it seems its pretty much the same. Whenever
>> some "windows user" or "windows group" has been written to the
>> filesystem ACL the getfacl reports that strange number in between.
>>
>>
>> THANKS in advance for any competent Answer/Pointing!
>>
>> greets
>> Axel
>>
>>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba



-- 
Michael Wood <esiotrot at gmail.com>


More information about the samba mailing list