[Samba] ACL SHARE
Carlos A. P. Cunha
carlos.hollow at gmail.com
Tue Jun 27 14:26:16 UTC 2017
Hello
I have a Debian 8 with samba (Version 4.2.10-Debian) that serves as
Fileserver.
My smb.conf
[global]
workgroup = XXXXX
realm = GRUPO.XXXXX.COM.BR
security = ADS
idmap config * : backend = rid
idmap config * : range = 100000-999999
client schannel = no
allow trusted domains = yes
winbind use default domain = yes
winbind refresh tickets = Yes
winbind offline logon = no
winbind cache time = 360
winbind enum users = yes
winbind enum groups = yes
template shell = /bin/bash
template homedir = /home/%U
map to guest = bad user
guest account = guest
guest ok = yes
vfs objects = acl_xattr
map acl inherit = Yes
store dos attributes = Yes
I have sharing:
[QUALIDADELEITE]
path = /home/QUALIDADELEITE
browseable = yes
writeable = yes
printable = no
create mask = 0770
force directory mode = 0770
force create mode = 0770
force group = +qualidadeleite
valid users = @qualidadeleite
getfacl /home/QUALIDADELEITE
# file: home/QUALIDADELEITE
# owner: root
# group: qualidadeleite
user::rwx
group::rwx
other::---
default:user::rwx
default:group::r-x
default:group:qualidadeleite:rwx
default:mask::rwx
default:other::r-x
My doubts inside have an ok.txt file
Getfacl ok.txt
# File: ok.txt
# Owner: root
# Group: root
User :: rwx
Group :: r-x #effective: ---
Group: qualidadeleite: rwx #effective: ---
Mask :: ---
Other :: ---
The problem in this way a user of the qualidadeleite group can not do
anything in the file, even though they have permissions via ACL, this
only happens on shares.
Direct on the file System the ACL permission is functional.
Access to this directory occurs both direct (ssh) and via shares.
Do you know what it can be?
Regards
More information about the samba
mailing list