[Samba] vfs_acl_xattr doesn't work unless all the inherit and map inherit acl parameters are set to yes, but want to set inherit owner = no
Sabuj Pattanayek
sabujp at gmail.com
Wed Aug 20 15:50:47 MDT 2014
I noticed that vfs_acl_xattr doesn't work unless all the inherit and map
inherit acl parameters are set to yes. Which is fine but if I turn off
inherit owner it completely breaks inheritance and security.NTACL never
gets set for the file/directory that's created by the user. I want the uid
of the user who's connected to be written and not the owner of the parent
directory. Is there anyway to get vfs_acl_xattr to work with inherit owner
turned off ?
Btw, I have a non-standard setup where the server is connected to both ldap
(nslcd) and ad (winbind) since our AD doesn't provide uid's . We have lots
of smb/nfs servers operated by various groups so we try to maintain some
sort of consistency for clients by providing the same uid #'s (provided in
ldap) on files, so my smb.conf actually has :
# ldap handles users
winbind enum users = no
# setting this to no forces samba to use the gid of an equivalently named
group from ldap with force group on a share, still allows for winbind in
the nsswitch.conf group line
winbind enum groups = no
# /etc/nsswitch.conf
passwd: files ldap
group: files ldap winbind
Thanks,
Sabuj
More information about the samba
mailing list