[Samba] mixing Windows ACL and POSIX ACL shares on one server?
Matthias Leopold
matthias.leopold at meduniwien.ac.at
Thu Nov 14 22:29:21 UTC 2019
Am 14.11.19 um 23:03 schrieb Jeremy Allison via samba:
> On Fri, Nov 15, 2019 at 10:51:41AM +1300, Andrew Bartlett via samba wrote:
>> On Thu, 2019-11-14 at 21:45 +0100, Matthias Leopold via samba wrote:
>>> Hi,
>>>
>>> I posted a similar question in 2018 with no answers, so I'll try
>>> again:
>>> Is it possible to have shares with Windows ACLs and shares with
>>> POSIX
>>> ACLs on the same server (security = user)? Since share permissions
>>> are
>>> handled differently for both types of shares I'm not sure if this
>>> will
>>> work. I know I could try it out myself, but the question again just
>>> came
>>> to my mind and I think there will be clear answer by someone who
>>> knows.
>>
>> Yes, use acl_xattr to store the windows acl if you want that handled
>> faithfully. The last ACL to be set will win.
>>
>> If you set a POSIX ACL then any windows ACL that has been set will be
>> ignored. If you set a windows ACL on the same file then it will be
>> translated into posix and also stored.
>>
>> So, the idea is that it would 'just work'.
>
> Yep, +1 Andrew, that's the way it's meant to work (was
> designed that way). There might be some tricky corner
> cases but mostly this is the way most Samba installs
> use ACLs.
>
thank you. you are all focusing on ACLs, I'm rather sure they will work,
my concern is rather management of share permissions. will
share_info.tdb (Windows ACL share) work alongside with "valid users"
(POSIX ACL share)?
Matthias
More information about the samba
mailing list