Hi Steve,On Fri, Oct 04, 2002 at 06:48:55PM +0200, Zoltan Bogdan wrote: > Am Don, 2002-10-03 um 23.43 schrieb Zoltan Bogdan: > Hi, > I share an XFS-volume via samba 2.2.4. > fetching the acls works like the following for me: > -------------------------------------------- > hermes:/secrets # smbcacls //hermes/xfs-share test -U TOGO/hzbogdan > Password: > REVISION:1 > OWNER:TOGO\hzbogdan > GROUP:TOGO\users > ACL:TOGO\hzbogdan:ALLOWED//RW > ACL:TOGO\users:ALLOWED//R > ACL:\Everyone:ALLOWED//R > --------------------------------------------- > When I try to set - or rather modify - the Acl for the group > "users", I get strange results: > --------------------------------------------- > hermes:/secrets # smbcacls //hermes/xfs-share test -U TOGO/hzbogdan > -M ACL:TOGO\users:0/0/W > Password: > Failed to parse ACL ACL:TOGOusers > -------------------------------------------- > Using various substitutions for type/flags/mask Values didn't get > better results. > Could someone provide some help? You haven't escaped your strings to make them shell-safe. The shell eats the backslash, and smbcacls only sees 'ACL:TOGOusers' instead of 'ACL:TOGO\users'. I also don't know for sure if names in ACLs are supported by smbcacls in 2.2. If so, you definitely need to handle that backslash: smbcacls //hermes/xfs-share test -U TOGO/hzbogdan -M ACL:TOGO\\users:0/0/W or smbcacls //hermes/xfs-share test -U TOGO/hzbogdan -M 'ACL:TOGO\users:0/0/W' HTH, Steve Langasek postmodern programmer
thanks for your hint.
Not escaping special characters is a quite silly fault and i'm a little embarrassed.
Unfortunately escaping didn't work either - so you're probably right assuming that names are not supported.
Do you know where I get the hex code for the NT-ACLs ?
Here's another strange thing I expierienced playing arround with smbcacls:
The output calling smbacls locally is different from the output I get if I call it in an ssh session:
locally:
-------------------------------------------------------------------------------------------------
linux:/data # smbcacls //linux/testXFS test -U TESTNET/testuser -M ACL:TESTNET\\users:0/0/RW
<snip>
lsa_io_sec_qos: length c does not match size 8
Failed to parse ACL ACL:TESTNET\users
----------------------------------------------------------------------------------------------------
remote:
-------------------------------------------------------------------------------------------------
linux:/data # smbcacls //linux/testXFS test -U TESTNET/testuser -A ACL:TESTNET\\users:0/0/RW
<snip>
Failed to parse security descriptor
-------------------------------------------------------------------------------------------------
bye
z.
|
Zoltan Bogdan
Zoltan Bogdan - Linux SystemIntegration Kreutzerstr. 71 D-90439 Nürnberg Tel. +49 (0)911 929 191 25 Fax +49 (0)911 929 191 26 Mobil +49 (0)175 521 705 4 [EMAIL PROTECTED] |
