[Samba] Linux ACL mapping problem.
Prunk Dump
prunkdump at gmail.com
Wed Mar 19 06:23:38 MDT 2014
Hello,
I have a samba client with a working winbind uid/gid mapping. But the
ACL check give me strange results with mount.cifs.
The folder /uhomes/2de1 have the following ACL :
$ getfacl /uhomes/2de1
# file: /uhomes/2de1
# owner: root
# group: 2de1
user::rwx
group::r-x
group:teachers:rwx
mask::rwx
other::---
The user "pellegrb" is a member of the "teachers" group.
$ id pellegrb
uid=3000137(pellegrb) gid=3000038(teachers)
groups=3000038(teachers),100(users),3000037(fichusers),5000001(BUILTIN\users)
1) If from a windows client I mount the share as "pellegrb", I can
access the files. No problem.
2) If from a linux client I mount the share with the "noperm" flag :
mount -t cifs //fichdc/uhomes/ /uhomes/2de1 -o
user=pellegrb,uid=3000137,gid=3000038,noforceuid,noforcegid,noperm
No problem the user can access the files.
3) But If the "noperm" flag is not set the access is denied ! However
the ACls seems corrects !
$ id
uid=3000137(pellegrb) gid=3000038(teachers)
groupes=3000038(teachers),100(users),3000037(fichusers),5000001(BUILTIN\users)
$ getfacl /uhomes/2de1
# file: /uhomes/2de1
# owner: root
# group: 2de1
user::rwx
group::r-x
group:teachers:rwx
mask::rwx
other::---
$ mount
//fichdc/uhomes/ on /uhomes/2de1 type cifs
(rw,relatime,sec=ntlm,unc=\\fichdc\uhomes,username=pellegrb,uid=3000137,noforceuid,gid=3000038,noforcegid,addr=172.16.200.20,unix,posixpaths,serverino,acl,rsize=1048576,wsize=65536,actimeo=1
4) The same ACL applied directly on a ext4 file system let access to
the user "pellegrb".
I don't understand where the problem come from ...
Thanks !
More information about the samba
mailing list