[Samba] ACL set in Windows not set in Samba
Viktor Trojanovic
viktor at troja.ch
Mon May 14 09:12:20 UTC 2018
Hi Miguel,
On 13 May 2018 at 22:52, Miguel Medalha via samba <samba at lists.samba.org>
wrote:
> >> Side question: How is it even possible that Windows "remembers" the
> >> ACL it sets but it's not visible on Linux when using getfacl?
>
> Windows ACLs are being stored in Extended Attributes using the acl_xattr
> vfs module. Linux ACLs are not there because the line
>
> acl_xattr:ignore system acls = yes
>
> is telling Samba not to write them.
>
I sent another message last night but it went to Rowland only by mistake.
In a nutshell, I removed the line acl_xattr:... and all of a sudden,
everything works as expected. From my understanding of the man page and
what you just wrote, by removing the line I just changed the setting to
"No", i.e. no longer allowing Samba to rely on extended attributes but
instead force a translation of Windows ACL to POSIX ACL.
In my understanding, this should not have been necessary. Clearly, the ACL
set by Windows were saved correctly in the extended attributes (otherwise
Windows would not have been able to retrieve them after a restart) and
still, they were not in fact applied until I added the same ACL in POSIX.
What exactly went wrong here?
Viktor
More information about the samba
mailing list