[Samba] vfs_recycle disables permissions inheritance on AD DC shares
Sebastian Arcus
s.arcus at open-t.co.uk
Mon Dec 2 17:17:20 UTC 2019
On 02/12/19 16:53, Rowland penny via samba wrote:
> On 02/12/2019 16:24, Sebastian Arcus via samba wrote:
>>
</snip>
>
>>> You should have 'vfs objects = dfs_samba4 acl_xattr recycle'
>>
>> Thank you very much for this - now it is working. This lack of
>> permissions inheritance issue has been plaguing me for months - it is
>> very useful to finally find what has been causing it. Would it be a
>> good idea to add the information above somewhere in the wiki, in case
>> others will face the same issue at some point?
>
> You are probably correct, but where to put it ???
The following man page is the one I read several times when things
started to get hairy and I narrowed things down to issues with vfs
recycle - and where I was looking for some enlightening notes on the
subject:
https://www.samba.org/samba/docs/current/man-html/vfs_recycle.8.html
Something along the lines of:
"vfs objects = recycle
Please note that the config line above will reset the vfs objects
already configured, which can have unintended consequences, specially
when Samba is configured in AD mode. To avoid this, the recycle module
should be added to existing vfs objects (... with some suitable
instructions on how to find out which existing vfs modules are
configured by default, maybe)"
Maybe something like the above?
</snip>
More information about the samba
mailing list