[Samba] Does Samba 4 actually respect Unix file acls?
Rufe Glick
rufe.glick at gmail.com
Fri Dec 19 13:58:58 MST 2014
Hello Jeremy,
Friday, December 19, 2014, 3:48:51 PM, you wrote:
> On Fri, Dec 19, 2014 at 12:47:51PM -0500, Rufe Glick wrote:
>> Hello,
>> After researching the subject on the internet I concluded that Samba should take into account Unix file acls. During my tests I found the opposite. Only Unix file mode bits are respected, and file acls are ignored. If my initial assumption is correct and Samba do respect Unix file acls, then I am doing something wrong. Please see the setup below and point to what I am doing wrong.
>> Distribution and Samba version in use: Centos Linux 7; Samba 4.1.1
>> ##### Server
>> # Create Linux users
>> useradd alice
>> useradd bob
>> # Create a directory to be shared; set ro permissions for alice using \
>> # file mode bits and rw permissions for bob using file acls
>> mkdir /home/smbshare
>> chown alice:alice /home/smbshare
>> chmod 0500 /home/smbshare
>> setfacl -m u:bob:rwx /home/smbshare
>> setfacl -m m:rwx /home/smbshare
>> # Create a file for testing purposes
>> echo 'Hello world!' > /home/smbshare/test.txt
>> # Add users to Samba database
>> pdbedit -a -u alice
>> pdbedit -a -u bob
>> # Define share in smb.conf and restart the smb daemon
>> vim /etc/samba/smb.conf
>> comment = smbshare for alice(ro) and bob(rw)
>> path = /home/smbshare
>> browseable = yes
>> writeable = yes
>> valid users = alice bob
>> systemctl reload smb
>> # Set the SELinux permissions and open samba on firewall
>> chcon -R -t samba_share_t /home/smbshare
>> firewall-cmd --add-service=samba --permanent
>> firewall-cmd --reload
>> ##### Client
>> # Create Linux users
>> useradd alice
>> useradd bob
> Do alice and bob have the same user ids on client
> and server ?
Yes, the uids and gids are identical on both server and client machines.
More information about the samba
mailing list