[Samba] acl_xattr and root permissions
Jerome Charaoui
jerome at riseup.net
Sun Dec 9 02:12:19 UTC 2018
Le 18-12-07 à 03 h 28, L.P.H. van Belle via samba a écrit :
> Hai,
>
> Tip, think in groups not users when you setup/manage you servers, it will help.
>
> Now,
> root = Administrator
> user != Administrator
>
> but when you add a user as member of domain admins... because root = "Domain Admins"
>
> Read :
> https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs
>
> Dont forget also the "Creator owner" and "Creator Group" settings.
> 1777, creator owner
> 2777, creator group
> 3777, both..
>
> Change the 777's to what you need.
> That should help you.
Thanks, that certainly helped.
By setting these setuid/setgid correctly and attributing the Unix to the
domain user, I'm now able to modify ACLs via Windows clients without the
username being mapped to root.
-- Jerome
More information about the samba
mailing list