[Samba] NTFS ACL on database and vfs_acl_tdb

Matteo Maretto matteo.maretto at terredargine.it
Wed Mar 23 11:30:16 UTC 2016

Il 21/03/2016 16:55, Volker Lendecke ha scritto:
> On Mon, Mar 21, 2016 at 01:28:44PM +0100, Matteo Maretto wrote:
>> Hi,
>> thanks for your question.
>> We have not investigated this matter yet, but we espect to find at least a
>> basic correspondence between the two. This would be enough for us.
>> On the Novell documentation we've read that the object rights are
>> essentially four: Browse, Create, Delete, Inheritance Control, Rename, and
>> Supervisor.
>> It shouldn't be difficult to match them to ntfs acls.
> Good luck with that. Keep in mind that unless you're using zfs or gpfs
> Linux does not provide anything close to ntfs ACLs. With zfs or gpfs
> you get nfsv4 acls, which are closer to ntfs than posix acls, but as
> Christoph Hellwig has just pretty much killed richacls, this will take
> a decade or more to come to the more popular Linux file systems.
> Volker

That's ok. We knew that posix ACLs were not what we needed, so we 
decided to use either vfs_acl_xattr or vfs_acl_tdb modules.
The documentation of these modules states that the first saves NTFS-ACLs 
in Extended Attributes and the sencond saves NTFS-ACLs in a tdb file.
The second option sounded interesting because we thought we might 
replicate a similar mechanism as novell does with netware ACLs management.


Si segnala che il presente messaggio non e' a carattere personale e le risposte allo stesso potranno essere conosciute dall'organizzazione lavorativa di appartenenza del mittente secondo le modalita' previste dal regolamento adottato in materia. Se per un disguido avete ricevuto questa e-mail senza esserne i destinatari vogliate cortesemente distruggerla e darne informazione all'indirizzo mittente.

More information about the samba mailing list