Leandro Ariel Gomez Chavarria
2004-Apr-07 20:13 UTC
[Samba] inconsistent behavior concerning security
Hi all,

I have a share for 2 groups of users in which I need this behavior:

Group A: can create/delete files
Group B: can only modify files

I solved this with a share that is rw for both groups; the FS directory permissions are 2770, groupA is the owner of the directory, and there is an ACL for groupB which is r-x. Then the default ACL for this directory is rwx for GroupB, so when something is created here, it receives rwx permissions.

Everything seems to work fine; I tested with .txt files on a w2k and it's OK.

BUT!: it doesn't work with MS Office files! (xls, doc, ppt, etc.)

Example:

drwxrws--- 2 CENCOSUD+Administrator CENCOSUD+Inventario_Easy_CL 4096 Apr 7 16:57 .

# file: .
# owner: CENCOSUD+Administrator
# group: CENCOSUD+Inventario_Easy_CL
user::rwx
group::rwx
group:CENCOSUD+Inventario_Easy_CL_RX:r-x
mask::rwx
other::---
default:user::rwx
default:group::rwx
default:group:CENCOSUD+Adm_FileSystem_CL:rwx
default:group:CENCOSUD+Inventario_Easy_CL_RX:rwx
default:mask::rwx
default:other::---

-rw-rwx--- 1 root CENCOSUD+Inventario_Easy_CL 11776 Apr 7 16:54 test.xls
-rw-rwx--- 1 root CENCOSUD+Inventario_Easy_CL 0 Apr 7 16:57 test.txt

[root@phmafs02 Inventario_Easy_CL]# getfacl test*
# file: test.txt
# owner: root
# group: CENCOSUD+Inventario_Easy_CL
user::rw-
group::rw-
group:CENCOSUD+Inventario_Easy_CL_RX:rwx
mask::rwx
other::---

# file: test.xls
# owner: root
# group: CENCOSUD+Inventario_Easy_CL
user::rw-
group::rwx
group:CENCOSUD+Inventario_Easy_CL_RX:rwx
mask::rwx
other::---

And this is the log of an open operation on an xls file:

[2004/04/07 16:54:55, 2] smbd/open.c:open_file(246)
  cl opened file Inventario_Easy_CL/test.xls read=Yes write=No (numopen=2)
[2004/04/07 16:54:55, 2] smbd/close.c:close_normal_file(230)
  cencosud+cl closed file Inventario_Easy_CL/test.xls (numopen=1)
[2004/04/07 16:54:55, 2] smbd/open.c:open_file(246)
  cl opened file Inventario_Easy_CL/test.xls read=Yes write=No (numopen=2)
[2004/04/07 16:54:56, 2] smbd/close.c:close_normal_file(230)
  cencosud+cl closed file Inventario_Easy_CL/test.xls (numopen=1)
[2004/04/07 16:54:56, 2] smbd/open.c:open_file(246)
  cl opened file Inventario_Easy_CL/test.xls read=Yes write=No (numopen=2)
[2004/04/07 16:54:56, 2] smbd/close.c:close_normal_file(230)
  cencosud+cl closed file Inventario_Easy_CL/test.xls (numopen=1)
[2004/04/07 16:54:56, 2] smbd/open.c:open_file(246)
  cl opened file Inventario_Easy_CL/test.xls read=Yes write=Yes (numopen=2)
[2004/04/07 16:54:57, 2] smbd/open.c:open_file(246)
  cl opened file Inventario_Easy_CL/test.xls read=Yes write=No (numopen=3)
[2004/04/07 16:54:57, 2] smbd/close.c:close_normal_file(230)
  cencosud+cl closed file Inventario_Easy_CL/test.xls (numopen=2)

Has anyone had a similar experience? Any advice? Workarounds?
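
Added example (not part of the original post): a simplified POSIX ACL group-class check run over the getfacl records shown above, comparing what a member of only the _RX group is granted on the directory with what it is granted on test.xls. The function names are hypothetical, and the caller is assumed to be neither the file owner nor a named user.

```python
# getfacl records copied from the post (default: entries trimmed to one).
DIR_ACL = """# owner: CENCOSUD+Administrator
# group: CENCOSUD+Inventario_Easy_CL
user::rwx
group::rwx
group:CENCOSUD+Inventario_Easy_CL_RX:r-x
mask::rwx
other::---
default:group:CENCOSUD+Inventario_Easy_CL_RX:rwx"""
XLS_ACL = """# owner: root
# group: CENCOSUD+Inventario_Easy_CL
user::rw-
group::rwx
group:CENCOSUD+Inventario_Easy_CL_RX:rwx
mask::rwx
other::---"""

def parse_getfacl(text):
    """Parse one getfacl record; default: entries only affect new files."""
    acl = {"group": None, "entries": []}
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("# group:"):
            acl["group"] = line.split(":", 1)[1].strip()
        elif line and not line.startswith(("#", "default:")):
            tag, qualifier, perms = line.split(":", 2)
            acl["entries"].append((tag, qualifier, set(perms[:3]) - {"-"}))
    return acl

def group_allowed(acl, groups, need):
    """Group-class check for a caller who is neither the owner nor a named
    user: one matching group entry, cut by the mask, must grant all of need."""
    def first(tag, default):
        return next((p for t, _, p in acl["entries"] if t == tag), default)
    mask = first("mask", set("rwx"))
    # "group::" (empty qualifier) is the owning group from the "# group:" line.
    hits = [p & mask for t, q, p in acl["entries"]
            if t == "group" and (q or acl["group"]) in groups]
    if hits:
        return any(set(need) <= p for p in hits)
    return set(need) <= first("other", set())

if __name__ == "__main__":
    rx = {"CENCOSUD+Inventario_Easy_CL_RX"}
    print("create/delete in dir:", group_allowed(parse_getfacl(DIR_ACL), rx, "wx"))
    print("modify test.xls:", group_allowed(parse_getfacl(XLS_ACL), rx, "rw"))
```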