[Samba] ACL - samba vs filesystem
Rowland Penny
rpenny at samba.org
Thu Jul 19 09:58:31 UTC 2018
On Thu, 19 Jul 2018 10:32:04 +0100
lejeczek via samba <samba at lists.samba.org> wrote:
> hi guys
>
> my samba share has
>
> inherit acls = Yes
>
> and inherits(I guess) from global:
>
> create mask = 0744
> directory mask = 0755
>
> Now, share's underlying filesystem has acls set on a folder:
>
> user::rwx
> user:me:rwx
> user:appmgr:r-x
> group::---
> mask::rwx
> other::---
> default:user::rwx
> default:user:me:rwx
> default:user:appmgr:r-x
> default:group::---
> default:mask::rwx
> default:other::---
>
> In shell when I create a file in that folder I see:
>
>
> user::rw-
> user:me:rwx #effective:rw-
> user:appmgr:r-x #effective:r--
> group::---
> mask::rw-
> other::---
>
> but when make new file in Windows client then shell shows:
>
> user::rwx
> user:me:rwx #effective:---
> user:appmgr:r-x #effective:---
> group::---
> mask::---
> other::---
>
> Why is that? Am I missing something in samba's configuration?
>
> I'm thinking - ideally might be if I got rid of mask but I'm not sure
> how.
>
> many thanks, L.
>
>
>
You don't give us much to go on, but I think you are mixing up using
POSIX and Windows ACL's
You should use one or the other, not both, see here:
https://wiki.samba.org/index.php/Setting_up_a_Share_Using_POSIX_ACLs
and here:
https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs
Rowland
More information about the samba
mailing list