[Samba] zfs permissions

Tom Jermy tomjermy at gmail.com
Wed Mar 12 06:44:42 MDT 2014 

Should I share me smb.conf? I'll share my smb.conf. It's not complicated:

# Global parameters
[global]
        workgroup = COMPANYNAME
        realm = companyname.local
        netbios name = PDC
        server role = active directory domain controller
        server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
winbind, ntp_signd, kcc, dnsupdate
        allow dns updates = true
        dns forwarder = 8.8.8.8

[netlogon]
        path = /var/lib/samba/sysvol/company.local/scripts
        read only = No

[sysvol]
        path = /var/lib/samba/sysvol
        read only = No

[Company]
        path = /Companyname/Company/ # zfs mount
        read only = No

[root]
        path = /
        read only = No
        force user = root

[zfsTest]
        path = /Companyname/test # another zfs mount for testing porpoises.
        read only = No



On 12 March 2014 02:46, Tom Jermy <tomjermy at gmail.com> wrote:

> Hello,
>
> I'm using Samba Version 4.0.15-SerNet-RedHat-7.el6 (AD DC)
> and zfs-0.6.2-1.el6.x86_64.
>
> I cannot change permissions on files from either Windows ('Access Denied')
> or the samba-tool on shares from local zfs mounts:
>
> # samba-tool ntacl set 'O:LAG:S-1-22-2-0D:PAI(A;OICI;0x001301bf;;;WD)'
> CompanyName/ Company/
>
> fset_nt_acl_no_snum: fset_nt_acl returned NT_STATUS_ACCESS_DENIED.
> ERROR(runtime): uncaught exception - (-1073741790, 'Access denied')
>   File "/usr/lib64/python2.6/site-packages/samba/netcmd/__init__.py", line
> 175, in _run
>     return self.run(*args, **kwargs)
>   File "/usr/lib64/python2.6/site-packages/samba/netcmd/ntacl.py", line
> 90, in run
>     setntacl(lp, file, acl, str(domain_sid), xattr_backend, eadb_file,
> use_ntvfs=use_ntvfs)
>   File "/usr/lib64/python2.6/site-packages/samba/ntacls.py", line 154, in
> setntacl
>     smbd.set_nt_acl(file, security.SECINFO_OWNER | security.SECINFO_GROUP
> | security.SECINFO_DACL | security.SECINFO_SACL, sd)
>
> I cannot see where I am going wrong. I have zfs set
> aclinheritance=passthrough-x, tried xattr on/off/sa/dir ...
>
> Perhaps this belongs on the zfs list but would appreciate any feedback if
> there are folk out there who have encountered this / not encountered this.
>
> Thank you
>

More information about the samba mailing list