[Samba] Dealing with permission inheritance for CIFS Windows and NFS Linux clients accessing same data

Stefan Kania stefan at kania-online.de
Mon Mar 19 08:05:56 UTC 2018

Why don't you use CIFS for the Linux-Client? Take a look at pam_mount. I
think it's the better solution


Am 19.03.18 um 05:16 schrieb Ken McDonald via samba:
> How can I best handle file & directory permissions & inheritance when
> accessing the same data on a remote server from Windows clients
> through a CIFS share and Linux clients through an NFS export?
> I have Samba AD working and I believe Winbind is working because when
> I check permissions from the command line, whether locally on the
> server or a remote Linux client, with ls, getfacl, getfattr,
> nfs4_getfacl, or nfs4_getfattr, I can see Samba AD usernames and groups.
> For example:
> 1) I set permissions from a remote Windows client on a remote
> top-level directory (mapped through CIFS to a server share)
> 2) If on the Windows client, I create subdirectories & files, the
> inherited permissions ARE the same as the top-level (inherited
> correctly as expected)
> 3) But if on a remote Linux Mint client (with a local directory
> mounted from a remote NFS4 export on the server -- same directory as
> CIFS share), I create subdirectories & files, the inherited
> permissions are NOT the same as the top-level
> Is it even possible to get relatively the same inheritance behavior
> from CIFS & NFS4 accessing the same data?
> This is the top-level directory
> https://i.imgur.com/dLgfoS8.png
> Good perms inherited by Windows-made CIFS file
> https://i.imgur.com/ls9jcZy.png
> Bad perms inherited by Linux-made NFS4 file
> https://i.imgur.com/c8LXxOA.png

Stefan Kania
Landweg 13
25693 St. Michaelisdonn

Signieren jeder E-Mail hilft Spam zu reduzieren. Signieren Sie ihre E-Mail. Weiter Informationen unter http://www.gnupg.org

Mein Schl├╝ssel liegt auf


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20180319/adeb013e/signature.sig>

More information about the samba mailing list