[Samba] ACL - samba vs filesystem
lejeczek
peljasz at yahoo.co.uk
Thu Jul 19 12:14:50 UTC 2018
On 19/07/18 10:32, lejeczek via samba wrote:
> hi guys
>
> my samba share has
>
> inherit acls = Yes
>
> and inherits(I guess) from global:
>
> create mask = 0744
> directory mask = 0755
>
> Now, share's underlying filesystem has acls set on a folder:
>
> user::rwx
> user:me:rwx
> user:appmgr:r-x
> group::---
> mask::rwx
> other::---
> default:user::rwx
> default:user:me:rwx
> default:user:appmgr:r-x
> default:group::---
> default:mask::rwx
> default:other::---
>
> In shell when I create a file in that folder I see:
>
>
> user::rw-
> user:me:rwx #effective:rw-
> user:appmgr:r-x #effective:r--
> group::---
> mask::rw-
> other::---
>
> but when make new file in Windows client then shell shows:
>
> user::rwx
> user:me:rwx #effective:---
> user:appmgr:r-x #effective:---
> group::---
> mask::---
> other::---
>
> Why is that? Am I missing something in samba's configuration?
>
> I'm thinking - ideally might be if I got rid of mask but I'm not sure
> how.
>
> many thanks, L.
>
>
>
seems that in my case these make difference:
create mask = 0744
directory mask = 0755
if these two are as above then these masks are actually applied and
though "inherit acls = Yes" does it's job I end up with (re)calculated
effective permissions(different from acl/setfacl asks/sets). Which all
in all is probably normal & expected.
Although it defeats my logic I confess, I mean it ... "inherit acls =
Yes" would/should take with FS's mask along, yet "% mask = $.." in samba
config collides/overrides filesystem's mask.
More information about the samba
mailing list