[Samba] access "claim types"
Stefan G. Weichinger
lists at xunil.at
Fri Feb 10 09:14:30 UTC 2023
Am 10.02.23 um 10:01 schrieb Rowland Penny via samba:
>> The yellow warning is there on shares belonging to root or
>> Administrator (wrong)
>
> Problem is, Administrator shouldn't own anything on Unix.
I understand. Will try to change that asap.
But why the warning on shares also where the directory belongs to root
on the linux filesystem?
Just tested that again with a test share:
chown to root:10512 (domain-admins), chmod 770 ... same yellow warning
in the dialog (with the 2 corrected DNS-IPs in resolv.conf also)
>> Reading
>> https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs
>> again, sure.
>>
>> I don't have "acl_xattr:ignore system acls = yes" ... changing that
>> sounds dangerous, especially while there are dozens of active users on
>> the server right now.
>
> That does exactly what it says, the normal 'ugo' Unix permissions will
> be ignored and only permissions set from Windows (and stored in an EA)
> will be used by Samba.
Should I set that or not?
Is there a best practice to fix that on productive machines without
breaking stuff?
The users work with the shares for years now, I am not even sure if that
yellow warning for those "claim types" is relevant at all in my case ...
as I seem to be able to add/edit perms anyway.
More information about the samba
mailing list