[Samba] Does Samba 4 actually respect Unix file acls?

Rufe Glick rufe.glick at gmail.com
Fri Dec 19 13:58:58 MST 2014


Hello Jeremy,

Friday, December 19, 2014, 3:48:51 PM, you wrote:

> On Fri, Dec 19, 2014 at 12:47:51PM -0500, Rufe Glick wrote:
>> Hello,

>> After researching the subject on the internet I concluded that Samba should take into account Unix file acls. During my tests I found the opposite. Only Unix file mode bits are respected, and file acls are ignored. If my initial assumption is correct and Samba does respect Unix file acls, then I am doing something wrong. Please see the setup below and point to what I am doing wrong.

>> Distribution and Samba version in use: Centos Linux 7; Samba 4.1.1

>> ##### Server

>> # Create Linux users
>> useradd alice
>> useradd bob

>> # Create a directory to be shared; set ro permissions for alice using \
>> # file mode bits and rw permissions for bob using file acls
>> mkdir /home/smbshare
>> chown alice:alice /home/smbshare
>> chmod 0500 /home/smbshare
>> setfacl -m u:bob:rwx /home/smbshare
>> setfacl -m m:rwx /home/smbshare

>> # Create a file for testing purposes
>> echo 'Hello world!' > /home/smbshare/test.txt

>> # Add users to Samba database
>> pdbedit -a -u alice
>> pdbedit -a -u bob

>> # Define share in smb.conf and restart the smb daemon
>> vim /etc/samba/smb.conf
>>     comment = smbshare for alice(ro) and bob(rw)
>>     path = /home/smbshare
>>     browseable = yes
>>     writeable = yes
>>     valid users = alice bob

>> systemctl reload smb

>> # Set the SELinux permissions and open samba on firewall
>> chcon -R -t samba_share_t /home/smbshare

>> firewall-cmd --add-service=samba --permanent
>> firewall-cmd --reload


>> ##### Client

>> # Create Linux users
>> useradd alice
>> useradd bob

> Do alice and bob have the same user ids on client
> and server ?

Yes, the uids and gids are identical on both server and client machines.
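
As an added example (not part of the original post and not Samba code): a small evaluator for the POSIX ACL access-check order, run over constructed `getfacl` output for the server setup quoted above, to see what the filesystem itself grants alice and bob before comparing with what Samba allows. The ownership and mode of `test.txt` are assumed (created by root, umask 022); `parse_getfacl` and `allowed` are hypothetical helper names.

```python
import re
# Constructed getfacl output matching the chmod/setfacl commands in the post.
DIR_ACL = """# file: home/smbshare
# owner: alice
# group: alice
user::r-x
user:bob:rwx
group::---
mask::rwx
other::---
"""
# Assumption: test.txt was created by root with umask 022 (no ACL of its own).
FILE_ACL = """# file: home/smbshare/test.txt
# owner: root
# group: root
user::rw-
group::r--
other::r--
"""

def parse_getfacl(text):
    """Return (owner, owning_group, [(tag, qualifier, perms), ...])."""
    meta, entries = {}, []
    for line in map(str.strip, text.splitlines()):
        m = re.match(r"# (owner|group): (\S+)", line)
        if m:
            meta[m.group(1)] = m.group(2)
        elif line and not line.startswith(("#", "default:")):
            tag, qual, perms = line.split("#")[0].split(":")[:3]
            entries.append((tag, qual, set(perms.strip()) - {"-"}))
    return meta["owner"], meta["group"], entries

def allowed(acl_text, user, groups, want):
    """POSIX ACL check order: owner, named user, group class, other."""
    owner, group, entries = parse_getfacl(acl_text)
    want = set(want)
    find = lambda tag, qual: [p for t, q, p in entries if (t, q) == (tag, qual)]
    mask = (find("mask", "") or [set("rwx")])[0]  # no mask entry: nothing masked
    if user == owner:                    # owner entry is never masked
        return want <= find("user", "")[0]
    if find("user", user):               # named user entry, limited by mask
        return want <= find("user", user)[0] & mask
    hits = [p & mask for t, q, p in entries
            if t == "group" and (q or group) in groups]
    if hits:                             # one matching group entry must suffice
        return any(want <= p for p in hits)
    return want <= find("other", "")[0]

if __name__ == "__main__":
    for who in ("alice", "bob"):
        print(who, allowed(DIR_ACL, who, [who], "w"), allowed(FILE_ACL, who, [who], "w"))
```

The ACL set on `/home/smbshare` is an access ACL, not a default ACL, so a file created inside it carries only its own mode bits unless a default ACL is added with `setfacl -d`.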


