[Samba] Setting ACLs with smbcacls fails (partly)
Rowland penny
rpenny at samba.org
Wed Dec 25 19:04:45 UTC 2019
On 25/12/2019 16:46, Chris via samba wrote:
> Hello,
Merry Christmas ;-)
>
> I'm running a PDC and a secondary DC in privilegded lxc containers and
> try to setup a fileserver in an unprivileged lxc container.
No, you are running two DCs, it is just that one of them has the PDC
Emulator role (it probably has the other 6 as well)
> The shares of the file server are on the ZFS of the host and mapped
> via bind-mount.
Ah, that could be a problem, ZFS uses NFSv4 ACLs
> ------------ file server settings ----------------------
> --- smb.conf of the fileserver
>
> [global]
> workgroup = MYWRKGRP
> realm = MYWRKGRP.MYDOM.COM
> netbios name = SVR-002
> security = ADS
> winbind enum users = yes
> winbind enum groups = yes
> winbind use default domain = no
> winbind refresh tickets = Yes
> template shell = /bin/bash
> idmap config * : range = 10000 - 19999
> idmap config MYWRKGRP : backend = rid
> idmap config MYWRKGRP : range = 1000000 - 1999999
> map acl inherit = yes
> inherit acls = Yes
> inherit permissions = Yes
> store dos attributes = Yes
> vfs objects = acl_xattr
Try 'nfs4acl_xattr' instead, see 'man vfs_nfs4acl_xattr'
Rowland
More information about the samba
mailing list