Looks like this:
n...@leo-ha2:/$ ls -Vd ha2/f1/
drwxr-xr-x+ 3 enguser root 4 Jul 1 14:51 ha2/f1/
user:smb:rwxp-D-ARW-Co-:-------:allow
user:nfs:rwxp-D-ARW-Co-:-------:allow
owner@:--------------:-------:deny
owner@:rwxp---A-W-Co-:-------:allow
group@:-w-p----------:-------:deny
group@:r-x-----------:-------:allow
everyone@:-w-p---A-W-Co-:-------:deny
everyone@:r-x---a-R-c--s:-------:allow
Thanks,
John
-----Original Message-----
From: [email protected] [mailto:[email protected]]
Sent: Wednesday, July 01, 2009 6:17 PM
To: John Keiffer
Cc: [email protected]
Subject: Re: [cifs-discuss] [nfs-discuss] Why can't we write to files created
in multi-protocol se
How does the ACL for 'f1' look like?
Afshin
John Keiffer wrote:
> Well... I may have had an idamp problem before, which I believe I've now
> corrected. This is my current idamp config:
>
> add "wingroup:Domain [email protected]" unixgroup:group2
> add winuser:[email protected] unixuser:enguser
> wingroup:Domain [email protected] == gid:2147483650
> wingroup:Authenticated Users == gid:2147483651
> wingroup:Network == gid:2147483652
> wingroup:administrat...@builtin == gid:2147483653
>
>
> I still have some questions regarding access from both CIFS and NFS:
>
> After steping on the file from Linux and vi with the ! I believe it reordered
> the ACL's like this:
>
> n...@leo-ha2:/$ ls -V ha2/f1/
> total 2
> ----------+ 1 enguser group2 6 Jul 1 14:32 cifs.txt
> group:group2:rwxp----------:-------:deny
> everyone@:r-x--------Co-:-------:deny
> group:group2:-------------s:-------:allow
> user:enguser:rwxpdDaARWcCos:fd-----:allow
> everyone@:------a-R-c--s:-------:allow
>
> Which means that when I try and access it from Windows I can't, because
> group2 has write deny (among other things). If I remove the user ACL and
> insert it at the beginning, I can write again from Windows...
>
> n...@leo-ha2:/$ chmod A3- ha2/f1/cifs.txt
>
> n...@leo-ha2:/$ chmod A0+user:enguser:rwxpdDaARWcCos:fd-----:allow
> ha2/f1/cifs.txt
>
> n...@leo-ha2:/$ ls -V ha2/f1/
> total 2
> ----------+ 1 enguser group2 6 Jul 1 14:32 cifs.txt
> user:enguser:rwxpdDaARWcCos:fd-----:allow
> group:group2:rwxp----------:-------:deny
> everyone@:r-x--------Co-:-------:deny
> group:group2:-------------s:-------:allow
> everyone@:------a-R-c--s:-------:allow
>
> Until I ! save it again from Linux, because then the ACLs are changed (such
> that nobody can do much of anything because of the deny lines):
>
> n...@leo-ha2:/$ ls -V ha2/f1/cifs.txt
> ---------- 1 enguser group2 27 Jul 1 14:48 ha2/f1/cifs.txt
> owner@:rwxp----------:-------:deny
> owner@:-------A-W-Co-:-------:allow
> group@:rwxp----------:-------:deny
> group@:--------------:-------:allow
> everyone@:rwxp---A-W-Co-:-------:deny
> everyone@:------a-R-c--s:-------:allow
_______________________________________________
cifs-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/cifs-discuss
