[Samba] Remove all Windows ACL's from files/folders
Patrick Goetz
pgoetz at math.utexas.edu
Fri Mar 25 22:37:26 UTC 2022
On 3/25/22 17:35, Jeremy Allison wrote:
> On Fri, Mar 25, 2022 at 05:27:55PM -0500, Patrick Goetz via samba wrote:
>>
>>
>> On 3/24/22 12:10, Jeremy Allison via samba wrote:
>>> On Thu, Mar 24, 2022 at 10:07:16AM -0700, Greg Sloop <gregs--- via
>>> samba wrote:
>>>> What's the proper way to REMOVE all the ACL's assigned by Windows to a
>>>> Samba share/folders/files?
>>>>
>>>> The short story is I was having problems assigning ACL's via the
>>>> Windows
>>>> security dialog. I managed to fix that, but now users that I assign
>>>> rights
>>>> to a file/folder simply don't have those rights, and I can't figure
>>>> out why.
>>>>
>>>> I want to make absolutely sure that all the previous ACL's are gone
>>>> so I'm
>>>> sure I'm working with a clean setup. If I still have issues, then at
>>>> least
>>>> I'm starting from a clean base, so working through the troubleshooting
>>>> steps might be easier.
>>>
>>> If you are storing Windows ACLs into EA's then recursively
>>> remove system.NTACL from all files/directories. You'll
>>> need to be root.
>>>
>>
>> Sorry, this lost me completely. What is system.NTACL?
>
> system.NTACL is the extended attribute smbd uses to
> store the Windows ACL in ndr format.
I figured this much, but am unsure about the syntax for doing this --
could you provide an example, please?
More information about the samba
mailing list