[Samba] Samba and POSIX ACLs
gerases at gmail.com
Fri Aug 12 15:30:26 UTC 2016
I know this has been discussed ad naseum, but I can't find an answer to my
My version of samba is 4.2.10.
Here's my question. I have POSIX ACLs set on a directory like this:
# file: .
# owner: root
# group: admin
# flags: -s-
When I create a file in that directory with the touch command on linux, I
-rw-rw----+ 1 my_user_name admin 0 Aug 12 11:17 new
... which is what I want -- no exec bit set anywhere on the file itself
(though I do want it on a directory).
But when I create it through Samba, I get:
-rw-rwx---+ 1 my_user_name admin 0 Aug 12 11:07 new
I know that the ACL mask defines the maximum permissions and so since touch
uses the 0666 create mode, the exec bit is not set. So far so good.
Now to samba. The share has these controls:
create mask = 0664
When stracing the samba process, I see that 0664 is specified in the open
system call, but following that, setxattr is called (not sure by samba or
some kernel process), which must be setting the exec bit on the group?
96012 open("new", O_RDWR|O_CREAT|O_EXCL, 0664) = 40
96012 setxattr("New Text Document.txt", "system.posix_acl_access",
LONG_HEX_STRING_HERE, 52, 0) = 0
My question finally is: how do I make sure the exec bit on the group is *not
More information about the samba