[Samba] Losing Permissions of Files
greno at verizon.net
Tue Jun 18 09:46:09 MDT 2013
On 06/18/2013 09:49 AM, Jonathan Buzzard wrote:
> On Tue, 2013-06-18 at 12:37 +1000, Andrew Bartlett wrote:
>> On Wed, 2013-06-12 at 16:37 -0700, bogdan_bartos wrote:
>>> Are these directives working for samba 4??? This looks like samba 3 to me. We
>>> need a fix for samba 4...
>> Samba 4.0 uses largely the same parameter set as Samba 3.x, because it
>> really is just the next version of Samba as far as the file server is
>> The main distinction in the case of the AD DC is that we set some
>> defaults differently in that mode. That is, we set:
>> map archive = No
>> map readonly = no
>> store dos attributes = Yes
>> vfs objects = dfs_samba4, acl_xattr
>> And these are defaults in all modes:
>> map system = no
>> map hidden = no
>> I hope this helps clarify things.
> I wonder if the issue is that the file system being used by the OP does
> not have extended attributes enabled at mount time. If they don't then
> Samba of whatever version is not able to store the DOS attributes in
> files extended attributes and Office 2007/2010 will still get confused
> and do the wrong thing.
> Remember ext3 and ext4 file systems have to be explicitly mounted with
> extended attributes enabled, where as XFS always has them enabled.
I use a little script to test extended attributes and acls on new systems.
Attached. Rename it from .txt to .sh after downloading.
-------------- next part --------------
# TEST EXTENDED ATTRIBUTES
echo -n "extended attributes: "
setfattr -n user.test -v test $TESTFILE
setfattr -n security.test -v test2 $TESTFILE
if [ "$(getfattr -n user.test -d $TESTFILE --only-values)" == "test" -a "$(getfattr -n security.test -d $TESTFILE --only-values)" == "test2" ]; then
### getfattr -d $TESTFILE
# TEST ACLS
echo -n " acls: "
setfacl -m g:adm:rwx $TESTFILE
if [ "$(getfacl -t $TESTFILE | sed -e "s/[ ]*$//" -e "s/[ ][ ]*/ /g" | grep adm)" == "group adm rwx" ];then
### getfacl -t $TESTFILE
More information about the samba