not sure that you are right. Samba use both unix right and posix acl right.
the directory test1 have unix right that autorise smb-Users to access-it. And you cancel it with acl entry => the smb-users group have no right. But you not have default acl entry, if you spec default acl entry with the same right that the acl entry, all directory created under test will take the value described by default acl entry. Else take the unix value. ----------------------------------- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 04/01/2008 15:40:47 : > Hello > > I'm running Debian Etch with distro kernel & Samba package (2.6.18-5-686 > & 3.0.24-6etch9). > > In my smb.conf I have : > > inherit owner = yes > inherit permissions = yes > inherit acls = yes > > > I start with a dir test1 with no rights for group smb-Users, rx for > group smb-Inf, and rwx for group smb-Bme-Fr : > > [EMAIL PROTECTED]:/mnt/temp # ll > total 28 > drwxr-xr-x 4 root root 4096 2008-01-04 15:08 . > drwxr-xr-x 4 root root 29 2008-01-04 14:38 .. > drwx------ 2 root root 16384 2008-01-04 14:37 lost+found > drwxrwx---+ 2 root smb-Users 4096 2008-01-04 15:25 test1 > [EMAIL PROTECTED]:/mnt/temp # getfacl test1/ > # file: test1 > # owner: root > # group: smb-Users > user::rwx > group::--- > group:smb-Inf:r-x > group:smb-Bme-Fr:rwx > mask::rwx > other::--- > > > >From a Windows XP client with a user member of the group smb-Bme-Fr I > create a dir test2 in dir test1, then I have : > > [EMAIL PROTECTED]:/mnt/temp # ll test1/ > total 20 > drwxrwx---+ 3 root smb-Users 4096 2008-01-04 15:26 . > drwxr-xr-x 4 root root 4096 2008-01-04 15:08 .. > drwxrwx---+ 2 root smb-Users 4096 2008-01-04 15:26 test2 > [EMAIL PROTECTED]:/mnt/temp # getfacl test1/test2/ > # file: test1/test2 > # owner: root > # group: smb-Users > user::rwx > group::rwx > group:smb-Inf:r-x > group:smb-Bme-Fr:rwx > mask::rwx > other::--- > > > The group smb-Users should have no rights on test2, inherited from the > test1 dir, but it has rwx. A user belonging to smb-Users and smb-Inf has > rwx access and he should have just rx. > > I'm using XFS on my Samba server, I tried with ext3 with same results. > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
