[Samba] Issue with acl_xattr:ignore system acls in 4.5rc2
Ralph Böhme
slow at samba.org
Thu Aug 18 10:40:41 UTC 2016
Hi Michael,
On Thu, Aug 18, 2016 at 11:42:12AM +0200, Michael Adam wrote:
> From reading the original post, I get the impression
> that the problem is associated to the share root directory.
nope. It will happen with just any directory or file created from a
non SMB client, eg mkdir|touch (or NFS, ...) on the server.
It is also associated with files or directories created from Windows
client where the parent directory for some reason lacks inheritable
ACEs (because eg the admin relied on POSIX mode for some basic
permissions).
> There is of cours a chicken-and-egg problem here.
>
> And my wild guess is that this could be fixed with setting
> a proper share acl. (use the sharesec command).
> Maybe we must also/alternatively put a different xattr-acl for
> the share root.
Just adding inheritable (NT ACL xattr) ACEs to the share root
directory indeed fixes the problem for SMB clients, but not for stuff
created on the server.
Cheerio!
-slow
More information about the samba
mailing list