Jan Houstek wrote:
server:
linux 2.4.19 with xfs 1.2 and its ACL
libacl 2.0.19
samba 2.2.8 compiled from source with --with-acl-support
acting as PDC
interesting parts of smb.conf
create mask = 0600
directory mask = 0700
[testshare]
path = /data/testshare
readonly = No
client:
1) Windows XP, servicepack 1.2a
2) smbmount from another linux box
server:~# getfacl /data/testshare/testdir
# file: testdir
# owner: testuser
# group: users
user::rwx
group::---
group:somegroup:r-x
group:anothergroup:rwx
mask::rwx
other::---
default:user::rwx
default:group::---
default:group:somegroup:r-x
default:group:anothergroup:rwx
default:mask::rwx
default:other::---
server:~# umask 007
server:~# mkdir /data/testshare/testdir/test1
server:~# getfacl /data/testshare/testdir/test1
# file: test1
# owner: root
# group: root
user::rwx
group::---
group:somegroup:r-x
group:anothergroup:rwx
mask::rwx
other::---
default:user::rwx
default:group::---
default:group:somegroup:r-x
default:group:anothergroup:rwx
default:mask::rwx
default:other::---
On windows:
logon to domain as testuser
create test2 in testdir (right mouse button -> New -> Folder)
server:~# getfacl /data/testshare/testdir/test2
# file: test2
# owner: testuser
# group: users
user::rwx
group::rwx # !!! problem !!!
group:somegroup:r-x
group:anothergroup:rwx
mask::rwx
other::---
default:user::rwx
default:group::---
default:group:somegroup:r-x
default:group:anothergroup:rwx
default:mask::rwx
default:other::---
I could (almost) reproduce it on HP-UX, and (almost) fix it
using "inherit acls = Yes". :)
Both "almost" refer to mask (or class, respectively) behaving
a bit strange. But this might be platform specific.
Maybe using "inherit acls" could already do the job in your
setup?
Cheers!
Michael
