[Samba] Samba4: use Posix-ACLs only? (ext4 - NFS4+CIFS - Fileserver)

Reinald Gfuellner Reinald.Gfuellner at tum.de
Fri Nov 18 08:30:16 UTC 2016 

Hi,

Thanks for your reply, Alex. May I know, what Samba-Version you are using?

I already had to make a downgrade from  4.3.9 to 4.1.6  because of known
incompatibilities  (1
<https://www.mail-archive.com/search?l=ubuntu-bugs@lists.ubuntu.com&q=subject:%22%5C[Bug+1572876%5C]+Re%5C:+After+Samba+upgrade+can%27t+access+unpassworded+windows+share%22&o=newest&f=1>
, 2
<https://forums.linuxmint.com/viewtopic.php?f=157&p=1159792#p1159792>)
to the existing samba3/NT4- enviroment. 

Exact question would be: Is there a Samba4-Version known do work with
POSIX-ACLS under a Samba3- DC.

 Cheers
  Reinald

Am 17.11.2016 um 15:40 schrieb Alex Crow via samba:
> On 17/11/16 13:15, Reinald Gfuellner via samba wrote:
>> I try to set up a Samba4-based Fileserver in an Samba3-DC enviroment.
>> Filesystem is ext4, CIFS + NFS4 should be provided. The same ACLs should
>> be used over both protocols.
>>
>> With Samba 3 this was possible (using POSIX 1003.1e DRAFT 17 ACLs only)
>> . How can I do the same with Samba 4 ?
>>
>>      Posix-ACLs set on the server with setfacl are recogniced on a
>>      windows-client. But every change I do on a windows-client is not
>>      visible on the posix-side (i.e. not reflected on the fileserver or
>>      on a NFS4-client using getfacl or nfs4_getfacl)
>>
>>
>> Do I make some trivial mistake, is it just the samba4 version used or is
>> it in general not longer possible/supported to restrict Samba to
>> Posix-ACLs understood in an ext4-enviroment? Thanks for any hint.
>>
>> OS: Ubuntu 14.04 LTS ,
>> Samba: samba 2:4.1.6+dfsg-1ubuntu2
>> <https://forums.linuxmint.com/viewtopic.php?f=157&p=1159792#p1159792>
>>
>> /etc/fstab:
>>
>> /dev/m1404-filea-vg1/dist_it_test2                     
>> /dist/it_test2                           ext3    
>> acl,usrjquota=aquota.user,jqfmt=vfsv0        0       0
>>
>> /etc/samba/smb.conf:
>>
>> ...
>>     # vfs objects = acl_xattr
>>     map acl inherit = yes
>>     store dos attributes = yes
>> ...
>>
>>
>
> Hi,
>
> We use POSIX ACLs and they seem to work.
>
> map acl inherit = Yes
> nt acl support = yes
>
> but *not*
>
> vfs objects = acl_xattr
>
> Cheers
>
> Alex
> -- 
> This message is intended only for the addressee and may contain
> confidential information. Unless you are that person, you may not
> disclose its contents or use it in any way and are requested to delete
> the message along with any attachments and notify us immediately.
> This email is not intended to, nor should it be taken to, constitute
> advice.
> The information provided is correct to our knowledge & belief and must
> not
> be used as a substitute for obtaining tax, regulatory, investment,
> legal or
> any other appropriate advice.
>
> "Transact" is operated by Integrated Financial Arrangements Ltd.
> 29 Clement's Lane, London EC4N 7AE. Tel: (020) 7608 4900 Fax: (020)
> 7608 5300.
> (Registered office: as above; Registered in England and Wales under
> number: 3727592). Authorised and regulated by the Financial Conduct
> Authority (entered on the Financial Services Register; no. 190856).
>



-- 
________________________________________________________________________ 
Dipl.-Ing.(FH) Reinald Gfuellner               http://www.rcs.ei.tum.de 
Institute for Real-Time Computer Systems (RCS)     fon +49-89-289-23564
Technische Universitaet Muenchen, D-80290 Muenchen fax +49-89-289-23555

More information about the samba mailing list