Hello, Sometimes I have to create and use Navision Databases on samba shares - this works with samba 2.0.x but does not with samba 2.2.x (tried 2.2.3a and 2.2.4).
The following tests were done with a acl enabeled samba and an acl aware kernel/filesystem, but I also have done these tests with acl not compiled into samba on an host without acl in the kernel - same result, does not work, same error-messages on the w$ side. When I create the database the acls look like this: lara:/home/test # getfacl test.fdb # file: test.fdb # owner: test # group: test user::r-x group::r-x mask::rwx other::r-x lara:/var/log/samba # smbcacls //lara/test test.fdb -U test INFO: Debug class all level = 0 (pid 18689 from pid 18689) Password: REVISION:1 OWNER:LARA\test GROUP:LARA\test ACL:LARA\test:ALLOWED/0/READ ACL:LARA\test:ALLOWED/0/READ ACL:everyone:ALLOWED/0/READ OK, this has created the database RO (or set the permissions to RO after creating). Of course I get an permission error if I restart navision. But when I create a database on an NTFS drive, the Permissions look like this: lara:/var/log/samba # smbcacls //mleun/c$ test.fdb -U ml INFO: Debug class all level = 0 (pid 18714 from pid 18714) Password: REVISION:1 OWNER:VORDEFINIERT\Administratoren GROUP:MLEUN\Kein ACL:everyone:ALLOWED/0/FULL Did the same thing (except the Path for the database, of course) but get really different acls. OK, lets set the acls on the database-file and try to open...: lara:/home/test # setfacl -m u::rwx test.fdb lara:/home/test # setfacl -m g::rwx test.fdb lara:/home/test # setfacl -m o::rwx test.fdb lara:/home/test # getfacl test.fdb # file: test.fdb # owner: test # group: test user::rwx group::rwx mask::rwx other::rwx lara:/var/log/samba # smbcacls //lara/test test.fdb -U test INFO: Debug class all level = 0 (pid 18730 from pid 18730) Password: REVISION:1 OWNER:LARA\test GROUP:LARA\test ACL:LARA\test:ALLOWED/0/FULL ACL:LARA\test:ALLOWED/0/FULL ACL:everyone:ALLOWED/0/FULL Opening the database fails - access denied. Now the acls look like this: lara:/home/test # getfacl test.fdb # file: test.fdb # owner: test # group: test user::r-- group::--- mask::rwx other::rwx lara:/var/log/samba # smbcacls //lara/test test.fdb -U test INFO: Debug class all level = 0 (pid 18735 from pid 18735) Password: REVISION:1 OWNER:LARA\test GROUP:LARA\test ACL:LARA\test:ALLOWED/0/O ACL:LARA\test:ALLOWED/0/R ACL:everyone:ALLOWED/0/FULL If i change owner/group to root.root and make the file o+rwx the access also fails - maybe because the attempt to change the acls fails. Any ideas? If I should provide logfiles/debugoutput - no problem, please tell me, what loglevel/options i should use to produce meaningful results. Please CC me, I'm not subscribed. -- MfG, Michael Leun -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
