[Samba] 4.1.7 Server Side Copies & Disk Permissions

[steve]

On Mon, 2014-04-28 at 15:57 +0200, David Disseldorp wrote:
> On Tue, 22 Apr 2014 11:46:26 +0200, David Disseldorp wrote:
> 
> > > Same as in 4.1.6 and always the same so I will not bother to add a log.
> > > 
> > > If you follow http://wiki.samba.org/index.php/Setting_up_a_home_share
> > > 
> > > But have vfs objects = btrfs declared all is different.
> > > 
> > > You can add users and groups but the default Everyone,  CREATOR GROUP and a Unknown you just can't delete them.
> > > 
> > > As soon as you press apply then they are back again.  
> > 
> > I expect this is due to the POSIX to Windows Access Control List mapping
> > behaviour. The Owner, Group and Other entries are always present in a
> > POSIX ACL. Samba maps these entries to NT ACL entries on retrieval.
> > 
> > The vfs_btrfs module doesn't intercept ACL retrieval/manipulation
> > requests, so you shouldn't see any difference from the default VFS in
> > this regard.
> 
> For the record, the issue is caused by Samba's setting of the
> "vfs objects" parameter when running as an AD domain controller.
> 
> https://bugzilla.samba.org/show_bug.cgi?id=10560
> 
> If "vfs objects" is not set, then Samba configures the dfs_samba4 and
> acl_xattr VFS modules. If it is set, then the parameter is left as is.
> 
> Which means if a user goes from...
> 
> [global]
> server role = active directory domain controller
> [share]
>         path = /samba/samba1/
>         read only = No
> 
> to...
> 
> [global]
> server role = active directory domain controller
> [share]
>         path = /samba/samba2/
>         read only = No
>         vfs objects = btrfs
> 
> ...then the acl_xattr module is implicitly disabled, breaking the users
> existing ACL<->xattr mapping setup.
> 
> AFAICT, this behaviour is currently undocumented.

Ah. So GPOs and using the DC as a file server for user shares won't work
with btrfs? Or only until 10560 is solved?
Thanks