On Wed, Jul 21, 2010 at 08:15:35AM -0400, John Mulligan wrote: > Hello List, > > I've run into an interesting situation and am wondering if this is by > design or just an interesting side effect: using both acl_xattr and > a user in the "admin users" list at the same time seem to conflict. > > I have a tool that is running on a windows box that needs full access > to files on a given share while ignore individual file and folder > permissions. We were able to make that tool run as an > "admin user" in smb.conf. > > When I run the tool with the vfs xattr_acl module turned on (for best > compatibility with nt acls), the tests fail but when using only straight POSIX > acls the test works. Running things manually, it appears that running > with only POSIX acls the root user on the samba side is able to read/write > any file as expected, but with acl_xattr turned on samba is doing some > internal checking of the xattr acls and blocking access to the files. > > So my question is, is this by design or is this something that the > samba team would consider as a bug/feature request? > Also feel free to tell me "you're doing it wrong" if there is a better > way to provide read/write access to the windows side regardless of > the acls on the files. None of my searches turned up anything relevant, > but its always possible that I was looking in the wrong direction. > > Thank you for your time and the great software.
Sounds like a bug to me. Setting "admin user" should mean your token is root and should override the ACL specific checks. Can you log a formal bug @ bugzilla.samba.org and be specific on how you reproduce the failure to modify the file/directory. Thanks ! Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
