[Samba] SaMBa 4.16.4 adds users to ACLs as groups
nt1277 at gmail.com
Thu Jun 15 15:18:28 UTC 2023
Thank you for the answer.
I understand that default (POSIX) ACLs will lead to similar results, but
the parent directory of this file had no default ACL, and when opening its
properties / security dialog I also don't see any inheritance specified.
However I can accept that SaMBa works this way and I can even see that Word
did some deliberate ACL manipulation, but this "piling up" of ACL
information doesn't happen either on a native Windows file server or with
vfs_acl_xattr. And at least partially this may be the reason why using
POSIX ACLs with SaMBa is deprecated :-(
Christian Naumer <christian.naumer at greyfish.net> ezt írta (időpont: 2023.
jún. 15., Cs, 8:42):
> Am Mittwoch, dem 14.06.2023 um 18:48 +0200 schrieb Tamás Németh via samba:
> > # file: newfile.docx #This file has a (probably
> > unnecessary) POSIX ACL
> > # owner: user_1
> > # group: domain\040users
> > user::rw-
> > user:user_1:rw- #I'm already the owning user
> > having the same permissions. Why am I also explicitly added to the POSIX
> > ACL?
> > group::rw-
> > group:domain\040users:rw-- #It's already the owning group having
> > same permissions. Why is it also explicitly added to the POSIX ACL?
> > mask::rwx #Shouldn't it only be rw?
> > other::---
> This has nothing to to with Samba if ACLs are enabled and the directory
> has some default ACLs
> this also happens if you create the file on the server via ssh or on the
> cli. At least this is
> the case for me.
More information about the samba