[Samba] question about "ignore system acls"
Alex Chu
alex_chu at ezcloudtech.com
Fri May 17 02:14:54 MDT 2013
Hi,
Recently I'm trying Samba over Ceph (kernel client) mount. I encounter
error when I add permission to file/directory for an additional user
from Windows Explorer. Since Ceph does not support posix ACL operation
for now, I was thinking that vfs_acl_xattr/vfs_acl_tdb with option
"ignore system acls = yes" can workaround this issue but fail. From the
man page of vfs_acl_xattr:
When set to yes, a best effort mapping from/to the POSIX ACL layer will
not be done by this module. The default is no, which means that Samba
keeps setting and evaluating both the system ACLs and the NT ACLs. This
is better if you need your system ACLs be set for local or NFS file
access, too. If you only access the data via Samba you might set this to
yes to achieve better NT ACL compatibility.
From the description, I thought if I set it to yes it will skip/ignore
the setting of system ACL and only store NT ACL in xattr. However, the
error still appear in Samba log:
acl_set_file failed: Operation not supported
even after I set it to yes. Following is my share definition:
[test]
vfs objects = acl_xattr
acl_xattr: ignore system acls = yes
available = yes
path = /mnt/ceph/test
browseable = yes
read only = no
guest ok = no
create mask = 0644
directory mask = 0755
valid users =
Can someone tell me what I had done wrong? Did I misunderstand the
option or my configuration is in incorrect format? Thanks a lot!
BTW, I'm using version 3.6.3 on Ubuntu Precise.
Best regards,
Alex
More information about the samba
mailing list