[Samba] 4.1.7 Server Side Copies & Disk Permissions
steve
steve at steve-ss.com
Mon Apr 28 10:01:10 MDT 2014
On Mon, 2014-04-28 at 15:57 +0200, David Disseldorp wrote:
> On Tue, 22 Apr 2014 11:46:26 +0200, David Disseldorp wrote:
>
> > > Same as in 4.1.6 and always the same so I will not bother to add a log.
> > >
> > > If you follow http://wiki.samba.org/index.php/Setting_up_a_home_share
> > >
> > > But have vfs objects = btrfs declared all is different.
> > >
> > > You can add users and groups but the default Everyone, CREATOR GROUP and a Unknown you just can't delete them.
> > >
> > > As soon as you press apply then they are back again.
> >
> > I expect this is due to the POSIX to Windows Access Control List mapping
> > behaviour. The Owner, Group and Other entries are always present in a
> > POSIX ACL. Samba maps these entries to NT ACL entries on retrieval.
> >
> > The vfs_btrfs module doesn't intercept ACL retrieval/manipulation
> > requests, so you shouldn't see any difference from the default VFS in
> > this regard.
>
> For the record, the issue is caused by Samba's setting of the
> "vfs objects" parameter when running as an AD domain controller.
>
> https://bugzilla.samba.org/show_bug.cgi?id=10560
>
> If "vfs objects" is not set, then Samba configures the dfs_samba4 and
> acl_xattr VFS modules. If it is set, then the parameter is left as is.
>
> Which means if a user goes from...
>
> [global]
> server role = active directory domain controller
> [share]
> path = /samba/samba1/
> read only = No
>
> to...
>
> [global]
> server role = active directory domain controller
> [share]
> path = /samba/samba2/
> read only = No
> vfs objects = btrfs
>
> ...then the acl_xattr module is implicitly disabled, breaking the users
> existing ACL<->xattr mapping setup.
>
> AFAICT, this behaviour is currently undocumented.
Ah. So GPOs and using the DC as a file server for user shares won't work
with btrfs? Or only until 10560 is solved?
Thanks
More information about the samba
mailing list