[Samba] Fwd: Samba Xattr and Execute Bit always set.

Prunk Dump prunkdump at gmail.com
Wed Jan 22 12:18:06 MST 2014 

> On Wed, 2014-01-22 at 12:58 +0100, Prunk Dump wrote:
>> Hello,
>>
>> Please help me. I have tried many solutions but none have solved my problem...
>>
>> Files created on my server through a samba-4.1.4 share always have
>> their execute bit set :
>>
>> ---------------------
>> ls -l /fichsamba/smbhome/teachers/pellegrb/
>> total 36
>> -rwxrwxr-x+ 1 FICHNET\pellegrb FICHNET\teachers 8745 janv. 17 18:10 test.txt
>> ---------------------
>>
>> This is problematic because I also share this directory for linux users.
>
> That file was created on a windows machine and is stored on a samba
> server. The -rwxrwxr-x+ bears no resemblance to the actual permissions
> in Linux. If you have set 0644 then that's how it will behave if you
> mount it correctly on a Linux client or on the server where the file is
> stored.
>
> Maybe the best way to prove this to your boss is to log in _on the file
> server_ as a domain user other than pellegrb but still a member of the
> teachers group. Now try to edit test.txt You can't.
>
> Or, create a bash script in the same share in windows and try to execute
> it on the file server. You can't.
> HTH
> Steve
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba


You are right !

The permissions are controlled by the ACLs. And on the file's ACLs the
"teachers" group does not have write access.

On the server :
---------------------
getfacl /fichsamba/smbhome/teachers/pellegrb/test12.txt
# file: fichsamba/smbhome/teachers/pellegrb/test12.txt
# owner: FICHNET\134pellegrb
# group: FICHNET\134teachers
user::rwx
user:3000038:r-x
group::r-x
group:FICHNET\134teachers:r-x
group:3000137:rwx
mask::rwx
other::r-x
 ---------------------

On a Linux client :
---------------------
getfacl test12.txt
# file: test12.txt
# owner: pellegrb
# group: teachers
user::rwx
user:3000038:r-x
group::r-x
group:teachers:r-x
group:3000137:rwx
mask::rwx
other::r-x
---------------------

But my problem is on the linux client. When I try to open test12.txt
the gnome DM ask me for executing or opening the file. The pellegrb
user see the test12.txt file as executable.

But on the linux client I can :

---------------------
chmod u-x test12.txt
getfacl test12.txt
# file: test12.txt
# owner: pellegrb
# group: teachers
user::rw-
user:3000038:r-x
group::rwx
group:teachers:r-x
group:3000137:rwx
mask::rwx
other::r-x
----------------------

I don't understand why the execute bit is set everywhere. It is not a
inheritance problem because when I create the file directly on the
server the execute bit is not set.

Thank you very much !

More information about the samba mailing list