Only the owner of a file/directory can alter the permissions through the Windoze client. If you want to be able to change everyone's ACLs then create a special admin share with 'force user = root' and this will ensure that, as root, you can do anything to anything (dangerous so make sure you don't let anyone else near the share!).
Noel -----Original Message----- From: Mikko Rautiainen [mailto:[EMAIL PROTECTED]] Sent: 22 November 2002 08:58 To: [EMAIL PROTECTED] Cc: Samba ML Subject: Re: [Samba] ACLs with samba Hi, What filesystem are you using? Like ReiserFS doesn't support ACL's but ext3 and XFS does. And is your PDC a win??? or is it a samba PDC? I have a win2k PDC and samba fileserver and I use Winbind to authenticate. I can change the permissions for files and folders in the PDC or on my desktop. I didn't use any force create modes. Mikko Rautiainen Tom Hallewell wrote: >Hi- >I am experiencing some odd behavior with ACLs with winbindd using Samba 2.6 >on Debian Woody (kernel version 2.4.18). >1. I am unable to alter permissions from Win2K clients using the >Properties->Security interface. Is this normal? I get the "Unable to save >Permission Changes on new Folder. Access is denied." message. This occurs >with all accounts, both privileged and unprivileged. > > >2. Permissions set using >setfacl -m u:DOMAIN\USER:rwx >alter the permissions just fine, but do not show up in the >Properties->Security interface. >If I run >chmod DOMAIN\USER.DOMAIN\USER >it shows up. > >The permissions show up correctly if a file or directory is created on the >share from a Win client, but cannot be modified once created, and the ACL >info is not seen. > >Is this behavior normal, or am I doing something wrong? > >Here is the relevant section of smb.conf: >[SHARE] > comment = Blah blah > path = /usr/tmp/share > valid users = @DOMAIN\Group1 @DOMAIN\Group2 > public = no > writable = yes > printable = no > create mask = 0770 > directory mode = 0770 > force create mode = 0770 > force directory mode = 0770 > >Here is the output from >getfacl /usr/tmp/share >getfacl: Removing leading '/' from absolute path names ># file: usr/tmp/BUR ># owner: mpgmover ># group: mpgmover >user::rwx >group::rwx >group:DOMAIN\Group1:rwx >group:DOMAIN\Group2:rwx >mask::rwx >other::--- > >Any input would be appreciated. >Thanks >Tom Hallewell >Radio Free Asia >Washington DC > > > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.410 / Virus Database: 231 - Release Date: 31/10/2002 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.410 / Virus Database: 231 - Release Date: 31/10/2002 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
