[Samba] Warning messages when provisioning an ADDC

Thomas Geppert t.geppert at t-online.de
Sat Feb 6 10:07:15 UTC 2021

Am 2/5/21 um 3:51 PM schrieb Ralph Boehme:
> it seems this command doesn't use the same logic as samba-tool ntacl get which has the option --use-s3fs and tells the command to go via the VFS instead of accessing the xattr directly.

I'm lost again. The checksysvolacl function does do this by intention. There is the following comment in the code:

# Ensure we can read this directly, and via the smbd VFS

and then the code loops the getntacl function:

	for direct_db_access in [True, False]:
		fsacl = getntacl(lp, dir_path, session_info, direct_db_access=direct_db_access, service=SYSVOL_SERVICE)

Why the hack does it need to assure that it can read the ACL direct ?
Is there still a part of the operational ADDC code that only uses the direct access method ?



More information about the samba mailing list