Problems with ACLs in 2.2.8
Michael Steffens
michael.steffens at hp.com
Tue Mar 25 09:09:06 GMT 2003
Jan Houstek wrote:
> server:
> linux 2.4.19 with xfs 1.2 and its ACL
> libacl 2.0.19
> samba 2.2.8 compiled from source with --with-acl-support
> acting as PDC
> interesting parts of smb.conf
> create mask = 0600
> directory mask = 0700
> [testshare]
> path = /data/testshare
> readonly = No
> client:
> 1) Windows XP, servicepack 1.2a
> 2) smbmount from another linux box
>
> server:~# getfacl /data/testshare/testdir
> # file: testdir
> # owner: testuser
> # group: users
> user::rwx
> group::---
> group:somegroup:r-x
> group:anothergroup:rwx
> mask::rwx
> other::---
> default:user::rwx
> default:group::---
> default:group:somegroup:r-x
> default:group:anothergroup:rwx
> default:mask::rwx
> default:other::---
>
> server:~# umask 007
> server:~# mkdir /data/testshare/testdir/test1
> server:~# getfacl /data/testshare/testdir/test1
> # file: test1
> # owner: root
> # group: root
> user::rwx
> group::---
> group:somegroup:r-x
> group:anothergroup:rwx
> mask::rwx
> other::---
> default:user::rwx
> default:group::---
> default:group:somegroup:r-x
> default:group:anothergroup:rwx
> default:mask::rwx
> default:other::---
>
> On windows:
> logon to domain as testuser
> create test2 in testdir (right mouse button -> New -> Folder)
>
> server:~# getfacl /data/testshare/testdir/test2
> # file: test2
> # owner: testuser
> # group: users
> user::rwx
> group::rwx # !!! problem !!!
> group:somegroup:r-x
> group:anothergroup:rwx
> mask::rwx
> other::---
> default:user::rwx
> default:group::---
> default:group:somegroup:r-x
> default:group:anothergroup:rwx
> default:mask::rwx
> default:other::---
I could (almost) reproduce it on HP-UX, and (almost) fix it
using "inherit acls = Yes". :)
Both "almost" refer to mask (or class, respectively) behaving
a bit strange. But this might be platform specific.
Maybe using "inherit acls" could already do the job in your
setup?
Cheers!
Michael
More information about the samba-technical
mailing list