[Samba] permission/acl troubles

Tue, 09 Oct 2007 07:53:37 -0700 

Hi list,
Since I've upgraded from samba 3.0.23c to 3.0.25c my ACL's don't work as expected anymore. I'm not sure where the problem is, however. The symptoms are simple: with 3.0.23c, I could grant and revoke user, group and world write access to and from files in a share. With 3.0.25c, I can't do that anymore. When I deselect group or world read access and apply the changes, I don't get an error, but the permissions aren't changed either. 


The release notes mention that posix acl support has been moved to a vfs 
module, but I'm wondering if the problem I have is there: I'm having trouble 
also with the normal permissions of the files.



I compiled samba with --with-acl-support and 
--with-static-modules=vfs_posixacl, while setting 'vfs objects = posixacl' 
in the config stanza for the specific share, but no luck.



Can anyone give me a clue to a config setting or a piece of virtual dead 
tree that I can read?


Thanks a lot.

roel


Some additional info:
---/---
compile options:
./configure \
 --enable-cups \
 --enable-static=no \
 --enable-shared=yes \
 --with-fhs \
 --with-acl-support \
 --with-automount \
 --prefix=/usr \
 --localstatedir=/var \
 --bindir=/usr/bin \
 --sbindir=/usr/sbin \
 --with-lockdir=/var/cache/samba \
 --sysconfdir=/etc \
 --with-configdir=/etc/samba \
 --with-privatedir=/etc/samba/private \
 --with-swatdir=/usr/share/swat \
 --with-smbmount \
 --with-quotas \
 --with-syslog \
 --with-utmp \
 --with-libsmbclient \
 --with-winbind \
 --with-ldapsam \
 --with-static-modules=vfs_posixacl \

---/---
smb.conf:
[global]
       workgroup = DEMO
       netbios name = TESTSERVER
       server string = testserver

       interfaces = 192.168.1.255/24 127.255.255.255/8
       bind interfaces only = Yes
       hosts allow = 192.168.1. 127.0.0.1

       encrypt passwords = Yes
       username map = /etc/samba/smbusers

       log file = /var/log/samba/samba.log
       max log size=350k
       max open files = 4000
       syslog = 0

       domain logons = Yes
       logon script = %U.bat
       # This is for winNT and possibly win2000
       # The profile share is also needed
       logon path = \\testserver\%U\.profileNT
       # This is for win95 and win98
       logon drive = H:
       logon home = \\testserver\%U

       os level = 254
       preferred master = Yes
       domain master = Yes
       local master = Yes

       wins support = Yes
       time server = Yes
       name resolve order = host wins bcast

       passdb backend = ldapsam:ldap://localhost
       ldap suffix = dc=example,dc=tld
       ldap machine suffix = ou=users
       ldap user suffix = ou=users
       ldap group suffix = ou=Groups
       ldap idmap suffix = ou=Idmap
       ldap admin dn = cn=admin,dc=example,dc=tld
       idmap backend = ldap:ldap://localhost
       idmap uid = 10000-20000
       idmap gid = 10000-20000

       printing = cups
       min print space = 1000
       vfs objects = posixacl

       oplocks = No
       level2 oplocks = No

[tv]
       path = /tmp/tv
       readlist =
       validusers = +"Domain Users"
       writelist = +"Domain Users"
       vfs objects = posixacl

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba






















					Reply via email to