Thanks Gavin, I'll experiment with this. I appreciate your advice.
John On Thu, Feb 28, 2008 at 2:00 AM, Gavin McCullagh <[EMAIL PROTECTED]> wrote: > Hi, > > > > On Wed, 27 Feb 2008, john wrote: > > > I use samba to allow windows clients to access shares on our linux > > file server. I'd like to enable support for ACLS so that I can use > > windows permissions under linux. > > > > Does anyone know how I can accomplish this. Do I need to recompile > > SAMBA to support acls or is it a simple addition to smb.conf? > > I'm afraid it's not that simple at all at least as I understand it. There > are two issues, one is ACLs (the ability to create lots of different > permissions for lots of different users/groups), the other is windows > permissions themselves. > > If you need ACLs on linux you can install the acl package², turn them on at > the filesystem mounting and use them. Some details are here: > http://www.vanemery.com/Linux/ACL/linux-acl.html > If you look at "man smb.conf" you can search for ACL and see the various > options. > > Permissions must be represented in the filesystem and unix filesystems have > support for read, write, execute and the setuid/sticky bits. What samba > does is a lossy translation of unix<->windows permissions as best it can. > Windows permissions are substantially more granular than unix ones.¹ For > example, there is no such thing as delete permission in unix, so (as far as > I recall) a user given delete permissions on windows is given write > permission on the underlying unix filesystem. You can try this out by > setting a permission in windows, then close the window and go back in to > see what permission really got stored. > > Gavin > > ¹ Some may argue that the extra granularity isn't particularly useful but > that's a different and somewhat subjective question. > ² > [EMAIL PROTECTED]:~$ apt-cache show acl > Package: acl > Priority: optional > Section: universe/utils > Installed-Size: 220 > Maintainer: Ubuntu Core Developers <[EMAIL PROTECTED]> > Original-Maintainer: Nathan Scott <[EMAIL PROTECTED]> > Architecture: i386 > Version: 2.2.42-1ubuntu1 > Depends: libacl1 (>= 2.2.11-1), libattr1 (>= 2.4.4-1), libc6 (>= > 2.5-0ubuntu1) > Filename: pool/universe/a/acl/acl_2.2.42-1ubuntu1_i386.deb > Size: 44562 > MD5sum: 6c2656880e828969b17123da433cfc04 > SHA1: 603371f286fce083a6a996897676371e3b5188f4 > SHA256: 72cf56fa97ab661c8254b6d69bbd8cc0ff0a80bf1cf05e7c412fa950228984b2 > Description: Access control list utilities > This package contains the getfacl and setfacl utilities needed for > manipulating access control lists. > Bugs: mailto:[EMAIL PROTECTED] > Origin: Ubuntu > > [EMAIL PROTECTED]:~$ getfacl .xsession-errors > # file: .xsession-errors > # owner: gavinmc > # group: gavinmc > user::rw- > group::r-- > other::r-- > > > > -- > edubuntu-users mailing list > [email protected] > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/edubuntu-users > -- edubuntu-users mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
