[Samba] ACL - samba vs filesystem
peljasz at yahoo.co.uk
Thu Jul 19 12:14:50 UTC 2018
On 19/07/18 10:32, lejeczek via samba wrote:
> hi guys
> my samba share has
> inherit acls = Yes
> and inherits(I guess) from global:
> create mask = 0744
> directory mask = 0755
> Now, share's underlying filesystem has acls set on a folder:
> In shell when I create a file in that folder I see:
> user:me:rwx #effective:rw-
> user:appmgr:r-x #effective:r--
> but when make new file in Windows client then shell shows:
> user:me:rwx #effective:---
> user:appmgr:r-x #effective:---
> Why is that? Am I missing something in samba's configuration?
> I'm thinking - ideally might be if I got rid of mask but I'm not sure
> many thanks, L.
seems that in my case these make difference:
create mask = 0744
directory mask = 0755
if these two are as above then these masks are actually applied and
though "inherit acls = Yes" does it's job I end up with (re)calculated
effective permissions(different from acl/setfacl asks/sets). Which all
in all is probably normal & expected.
Although it defeats my logic I confess, I mean it ... "inherit acls =
Yes" would/should take with FS's mask along, yet "% mask = $.." in samba
config collides/overrides filesystem's mask.
More information about the samba