[Samba] no attributes after following "Setting up a Share Using Windows ACLs"
Lapin Blanc
fabien.toune at lapin-blanc.com
Sun Apr 29 09:05:16 UTC 2018
Hi, i have setup an ad dc with samba 4.8, and then rigorously followed wiki
tutorial at :
https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs
However, when following the last part (File System ACLs in the Back End), I
don't get
the expected results :
[root at mydc ~]# getfattr -d /srv/samba/Demo/
doesn't yield anything and
getfacl /srv/samba/Demo/
getfacl : suppression du premier « / » des noms de chemins absolus
# file: srv/samba/Demo/
# owner: root
# group: SAMDOM\134domain\040admins
user::rwx
user:root:rwx
user:3000004:rwx
group::rwx
group:users:rwx
group:SAMDOM\134domain\040admins:rwx
mask::rwx
other::---
default:user::rwx
default:user:root:rwx
default:user:3000004:rwx
default:group::---
default:group:users:rwx
default:group:SAMDOM\134domain\040admins:rwx
default:mask::rwx
default:other::---
Also, if I create a folder in the share after logging as a regular user :
[root at mydc ~]# getfattr -d /srv/samba/Demo/Hello/
getfattr: Suppression des « / » en tête des chemins absolus
# file: srv/samba/Demo/Hello/
user.DOSATTRIB=0sMHgxMAAAAwADAAAAEQAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN/KVn2Y39MBAAAAAAAAAAA=
[root at mydc ~]# ls -al /srv/samba/Demo/
total 8
drwxrwx---+ 3 root SAMDOM\domain admins 19 29 avr 11:00 .
drwxr-xr-x. 3 root root 18 29 avr 10:10 ..
drwxrwx---+ 2 3000000 users 6 29 avr 11:00 Hello
I don't know the consequences of those differences from a security point of
view, why I have this DOSATTR instead of SAMBA_PAI...
More information about the samba
mailing list