[Samba] Losing Permissions of Files

Gerry Reno greno at verizon.net
Tue Jun 18 09:46:09 MDT 2013 

On 06/18/2013 09:49 AM, Jonathan Buzzard wrote:
> On Tue, 2013-06-18 at 12:37 +1000, Andrew Bartlett wrote:
>> On Wed, 2013-06-12 at 16:37 -0700, bogdan_bartos wrote:
>>> Are these directives working for samba 4??? This looks like samba 3 to me. We
>>> need a fix for samba 4...
>> Samba 4.0 uses largely the same parameter set as Samba 3.x, because it
>> really is just the next version of Samba as far as the file server is
>> concerned.
>>
>> The main distinction in the case of the AD DC is that we set some
>> defaults differently in that mode.  That is, we set:
>>
>> 	map archive = No
>> 	map readonly = no
>> 	store dos attributes = Yes
>> 	vfs objects = dfs_samba4, acl_xattr
>>
>> And these are defaults in all modes:
>>         map system = no
>>         map hidden = no
>>
>> I hope this helps clarify things.
>>
> I wonder if the issue is that the file system being used by the OP does
> not have extended attributes enabled at mount time. If they don't then
> Samba of whatever version is not able to store the DOS attributes in
> files extended attributes and Office 2007/2010 will still get confused
> and do the wrong thing.
>
> Remember ext3 and ext4 file systems have to be explicitly mounted with
> extended attributes enabled, where as XFS always has them enabled.
>
> JAB.
>

I use a little script to test extended attributes and acls on new systems.

Attached.  Rename it from .txt to .sh after downloading.

Gerry




-------------- next part --------------
#!/bin/bash
CD=$(pwd)
cd /var/tmp

# TEST EXTENDED ATTRIBUTES
echo -n "extended attributes: "
TESTFILE=extendedattrtest.txt
touch $TESTFILE
setfattr -n user.test     -v test  $TESTFILE
setfattr -n security.test -v test2 $TESTFILE
if [ "$(getfattr -n user.test -d $TESTFILE --only-values)" == "test" -a "$(getfattr -n security.test -d $TESTFILE --only-values)" == "test2" ]; then
	echo PASS
else
	echo FAIL
fi
### getfattr -d $TESTFILE
rm $TESTFILE

# TEST ACLS
echo -n "               acls: "
TESTFILE=acttest.txt
touch $TESTFILE
setfacl -m g:adm:rwx $TESTFILE
if [ "$(getfacl -t $TESTFILE | sed -e "s/[ ]*$//" -e "s/[ ][ ]*/ /g" | grep adm)" == "group adm rwx" ];then
	echo PASS
else
	echo FAIL
fi
### getfacl -t $TESTFILE
rm $TESTFILE

cd $CD

More information about the samba mailing list