[Samba] Samba 4.5: trying to setup an omnios system as a DC member
Rowland Penny
rpenny at samba.org
Wed Jun 20 07:38:31 UTC 2018
On Wed, 20 Jun 2018 09:15:19 +0200
Andrea Cucciarrè <acucciarre at cloudian.com> wrote:
> Hello Rowland,
>
> thanks, configuring the uidNumber and gidNumber on the AD fixed the
> issue, now getent passwd works.
> I just have one remaining issue, it seems the ACL doesn't work.
> As an example when I set ACL with full permission for user andrea:
>
> # /usr/bin/ls -ldV /cache/testsamba/
> d---------+ 3 root root 5 Jun 19
> 19:40 /cache/testsamba/ user:andrea:rwxpdDaARWcCos:fd-----:allow
Omnios seems to have a different 'ls' to Linux, which doesn't have the
'V' switch. What is the filesystem ? ext4 ? and does it understand
'acls' & 'attrs' as in 'acl_xattr' ?
If you look closely at the directory permissions, you will see a '+'
sign, on Linux this would mean an extended acl is in use, so what does
'getfacl /cache/testsamba' show ?
>
> the user andrea can't mount the share.
> I have added the following entry in smb.conf for ACL:
>
> vfs objects = acl_xattr
> map acl inherit = Yes
> store dos attributes = Yes
>
> and the directory is shared as follow:
>
> [testsamba]
> available = yes
> browsable = yes
> path = /cache/testsamba
> read only = no
>
> am I missing something?
>
Well, only that the first two lines are default settings ;-)
Also that this setup is for using Windows ACLs, reading this might help:
https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs
Or this if you want to use POSIX ACLs:
https://wiki.samba.org/index.php/Setting_up_a_Share_Using_POSIX_ACLs
Rowland
More information about the samba
mailing list