[Samba] Container setup?
Rowland penny
rpenny at samba.org
Fri Jul 5 14:42:26 UTC 2019
On 05/07/2019 15:34, L.P.H. van Belle via samba wrote:
>
>
>> -----Oorspronkelijk bericht-----
>> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
>> Rowland penny via samba
>> Verzonden: vrijdag 5 juli 2019 16:30
>> Aan: samba at lists.samba.org
>> Onderwerp: Re: [Samba] Container setup?
>>
>> On 05/07/2019 15:11, Joachim Lindenberg via samba wrote:
>>> Hi Marco, anybody,
>>>> + must be 'privileged' container (no unprivileged ones)
>>> I have seen containers with and without calling for being
>> privileged, but you never know without trying and testing carefully...
>>> Googling I found
>> https://github.com/lxc/lxd/issues/3442#issuecomment-312560949
>> but I am not really clear about the conclusion.
>>> Does it really have to be privileged?
>>> Thanks & Best Regards, Joachim
>> Not an expert on containers, but it sounds like you must use 'privileged' ones,
>>
>> All DC's are fileservers even if you don't think they are (Sysvol,
>> Netlogon) and the required Windows ACL's are stored in security.NTACL
>>
>> Rowland
>
> Even if you set: acl_xattr:ignore system acls = yes. ??
> ( Im not a container expert also. ) :-/
>
>
> Greetz,
>
> Louis
>
>
Yes, pull that line in bits:
acl_xattr: type of ACL module (very basic description)
ignore system acls = yes: this tells 'acl_xattr' to ignore the system
acls (Unix rwx)
So basically you are telling Samba to only use security.NTACL
Rowland
More information about the samba
mailing list