[Samba] Roaming Profiles acls after upgrade
Mark Nienberg
mnlists at tippingstructural.com
Mon Jan 25 22:44:37 UTC 2016
We recently upgraded our samba 3.6 network to samba 4.2.3. It is still a
NT-style domain.
The underlying OS was upgraded from CentOS 5 to CentOS 7.
The profiles share is set up like this:
[profiles]
comment = Roaming Profiles
path = /mnt/share2/ntprofiles
browseable = no
writable = yes
csc policy = disable
create mask = 0600
directory mask = 0700
admin users = +ntadmins
I noticed that the directory mask is being ignored for new profiles and
filesystem acls are being added instead.
Compare these two directories where the first one was existing before the
update and the second one is post update.
drwx------ 14 fuko Everyone 4.1k Jan 25 12:08 fuko.V2/
drwxrwx---+ 14 gauthier Everyone 4.1k Jan 21 17:01 gauthier.V2/
Here are the added acls:
[root at geckovm ntprofiles]# getfacl gauthier.V2/
# file: gauthier.V2/
# owner: gauthier
# group: Everyone
user::rwx
user:gauthier:rwx
group::---
group:Everyone:---
mask::rwx
other::---
default:user::rwx
default:user:gauthier:rwx
default:group::---
default:group:Everyone:---
default:mask::rwx
default:other::---
In the [global] settings we have this:
map archive = no
map hidden = no
map read only = no
map system = no
store dos attributes = yes
create mask = 0770
directory mask = 0770
acl allow execute always = True
Everything still works fine, but it is a little harder to understand and
administer.
Is this the intended behavior?
Thanks, Mark
More information about the samba
mailing list