[Samba] Standalone server and POSIX ACL issues (new one)

Yvan Masson yvan at masson-informatique.fr
Fri Aug 9 19:18:53 UTC 2019


Hi list,

For testing purpose, I am running a standalone Samba 4.9.5 on Debian 
with the following smb.conf:

[global]
server role = standalone server
map to guest = Bad User
guest account = nobody

[test]
path = /home/yvan/Partage/share
guest ok = yes
writable = yes
inherit acls = yes


I want "bob", "alice" and guest user to have full access to all files in 
this share, so I made /home/yvan/share with the following ACL:
$ getfacl share
# file: share
# owner: root
# group: root
user::rwx
user:bob:rwx
user:alice:rwx
user:nobody:rwx
group::r-x
mask::rwx
other::---
default:user::rwx
default:user:bob:rwx
default:user:alice:rwx
default:user:nobody:rwx
default:group::---
default:mask::rwx
default:other::---


I have two issues with this setup that I could not solve after many hours:

1. I can mount the share as guest but then can't read its content, 
although local access works fine (for example with `$ sudo -u nobody 
touch /home/yvan/share/foo`).

2. If user "bob" or "alice" creates a directory or a file, ACL mask is 
not "rwx" but "r-x" for directories and "r--" for files (which restricts 
effective rights). All other ACL are correct. Note that when creating 
files or directories locally, ACL mask is properly setup to "rwx".

Any idea is really welcome !

Best regards,
Yvan



More information about the samba mailing list