[Samba] POSIX vs. Windows ACLs
Patrick Goetz
pgoetz at math.utexas.edu
Tue Nov 2 09:49:01 UTC 2021
Another question referring to a Samba domain member file server.
The file system is ext4 on an Ubuntu 20.04.
I would like to use Windows ACLs so my windows users can change
permissions on directories/files, but we also use linux data processing
systems, so the permissions (beyond POSIX basic) need to work there, too.
I think this means I'm stuck using POSIX extended ACLs, with Windows
users not being able to change permissions. Just want to make sure I
understand all the possibilities:
Currently the linux systems access files through NFS mounts, so no hope
of Windows ACLs working there, but if I were to bind the linux machines
to the domain and do the mounts through SMB, would the linux systems
respect the Windows ACL authorizations because permission is determined
by the Samba file server? Understood that I would lose the ability to
edit ACLs from linux, but the linux users are really Windows users
working on a linux system because that's where the software is and they
have no idea how to edit permissions there anyway.
Beyond this, if I'm working directly on the Samba file server, are there
command line tools available for editing Windows ACLs, or is this
sufficiently complicated that only a GUI will do?
The conjunction of linux and windows access control is a terrible mess,
as already discussed, but the world doesn't stop moving as a result, so
we will continue to cobble together bastardized arrangements that mostly
work. I'm at the Build a Frankenstein shop now...
More information about the samba
mailing list