samba - Nov 2003 - Samba 3 ACL's not Shown for Directories

Hello,
Sorry if this is a dumb question,
But my search with Google didn't end in helpful results
(maybe i used the wrong words for search) ;-)

I use samba 3 on a Redhat 8 box.
My clients are WintNT, Win2k and WinXP systems.
I want to have ACL to simulate NTFS Security for my clients.
This works without problems for files,
But not for directories.
When i create directories and have a look at the Security Tab on the Windows
Properties they show me no security information (Read, Write, Full
permission)
even if getfacl <folder> shows me information (see down).
I tried several options in smb.conf but nothing seems to help.
I also tried to set serveral values for the mask with setfacl.

Here's some output which might be helpful.

I hope that someone can help me with this,
Because i don't know what to try next.

Regards
Thorsten M?ller

Output of testparm -v /etc/samba/smb.conf|grep -i directory
==========================================================[root@host /]#
testparm -v /etc/samba/smb.conf|grep -i directory
        root directory         lock directory = /var/cache/samba
        pid directory = /var/run/samba
        utmp directory         wtmp directory         directory mask = 0755
        force directory mode = 00
        directory security mask = 0777
        force directory security mode = 00
        set directory = No
        fake directory create times = No
        directory mask = 0777
        directory mask = 0777
        directory mask = 00
        force directory mode = 0755
[root@host /]#


Here's the output of ldd `which smbd`:
=====================================[root@host /]# ldd `which smbd`
        libgssapi_krb5.so.2 => /usr/kerberos/lib/libgssapi_krb5.so.2
(0x40017000)
        libkrb5.so.3 => /usr/kerberos/lib/libkrb5.so.3 (0x4002b000)
        libk5crypto.so.3 => /usr/kerberos/lib/libk5crypto.so.3 (0x40088000)
        libcom_err.so.3 => /usr/kerberos/lib/libcom_err.so.3 (0x40098000)
        libcrypto.so.2 => /lib/libcrypto.so.2 (0x4009a000)
        liblber.so.2 => /usr/lib/liblber.so.2 (0x4016e000)
        libldap.so.2 => /usr/lib/libldap.so.2 (0x40179000)
        libcups.so.2 => /usr/lib/libcups.so.2 (0x401a4000)
        libssl.so.2 => /lib/libssl.so.2 (0x401be000)
        libnsl.so.1 => /lib/libnsl.so.1 (0x401ee000)
        libcrypt.so.1 => /lib/libcrypt.so.1 (0x40203000)
        libpam.so.0 => /lib/libpam.so.0 (0x40230000)
        libattr.so.1 => /lib/libattr.so.1 (0x40238000)
        libacl.so.1 => /lib/libacl.so.1 (0x4023c000)
        libresolv.so.2 => /lib/libresolv.so.2 (0x40242000)
        libdl.so.2 => /lib/libdl.so.2 (0x40254000)
        libpopt.so.0 => /usr/lib/libpopt.so.0 (0x40257000)
        libc.so.6 => /lib/i686/libc.so.6 (0x42000000)
        libsasl.so.7 => /usr/lib/libsasl.so.7 (0x4025f000)
        /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)
        libgdbm.so.2 => /usr/lib/libgdbm.so.2 (0x4026b000)
[root@host /]#

Output of getfacl:
=================getfacl: Removing leading '/' from absolute path names
# file: /home/test/ordner3
# owner: tm
# group: Dom"nen-Benutzer
user::rwx
group::r-x
other::r-x
default:user::rwx
default:group::---
default:other::---

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

M?ller, Thorsten wrote:
|
| I use samba 3 on a Redhat 8 box.
| My clients are WintNT, Win2k and WinXP systems.
| I want to have ACL to simulate NTFS Security for my clients.
| This works without problems for files,
| But not for directories.
| When i create directories and have a look at the Security
| Tab on the Windows Properties they show me no security
| information (Read, Write, Full permission)
| even if getfacl <folder> shows me information (see down).
| I tried several options in smb.conf but nothing seems to help.
| I also tried to set serveral values for the mask with setfacl.

I remember a bug that prevented displaying acl's
if the uid/gid<->SId mapping failed.  I think this
was resolved in 3.0.1pre1 but you might want to just
try the CVS tree or wait until 3.0.1pre2 due out later today.



cheers, jerry
- --
~ ----------------------------------------------------------------------
~ Hewlett-Packard            ------------------------- http://www.hp.com
~ SAMBA Team                 ---------------------- http://www.samba.org
~ GnuPG Key                  ---- http://www.plainjoe.org/gpg_public.asc
~ "You can never go home again, Oatman, but I guess you can shop
there."
~                            --John Cusack - "Grosse Point Blank"
(1997)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE/q7uaIR7qMdg1EfYRAsabAJ9MaqP2EHPDJdthQ8Cj+f/aYnlgsQCfXNR9
uHCzOR6TS7VL4pc8kmDiHJw=nvxZ
-----END PGP SIGNATURE-----