Samba doesn't allow setting ACLs for special SIDs
Jeremy Allison
jra at samba.org
Sun Dec 29 20:32:08 UTC 2019
On Tue, Dec 24, 2019 at 03:54:43PM -0600, Steve French via samba-technical wrote:
> I noticed that Samba server doesn't allow setting ACLs for special
> SIDs (like the 'NFS' or POSIX mode bits etc.). Looking at
> vfs_acl_xattr it automatically resets the value of
>
> force unknown acl user to true (which prevents setting special SIDs
> that don't map to users that Samba doesn't know about).
>
> Is there a way to configure Samba allow setting special SIDs?
> Presumably if acl_xattr is not set then the ACL can't be saved and if
> acl_xattr is used then unknown SIDs are remapped so are useless.
force unknown acl user forces owner and group SIDs to be
valid UNIX users/groups, and causes the POSIX ACL mapping
to ignore unknown ACE entries for users/groups.
Special SIDs should still be stored in the xattr ACL
store, just not mapped to POSIX.
Can you explain *exactly* what you are trying to do
here, because the problem you want to solve isn't
clear.
More information about the samba-technical
mailing list