Hello samba guys and XFS guys, I am now using Linux-2.4.5-1.0.1_XFS and Samba 2.2.2. Try to create a samba share on a XFS volume, for example, we create a directory named 'public', and set its default acl on 'public' as 'u::rwx,g::rw-,o::r--,m::rwx', . Under Linux box, try to create a file named 'file_linux' under directory 'public', On Samba client (Win2K) try to create a file named 'file_samba' under directory 'public'.=20 After that I try to list the ACLs for them, what I got were: chacl -l file_samba=20 ------- u::rwx,g::rw-,o::rw-,m::rwx chacl -l file_linux=20 ------- u::rwx,g::rw-,o::r--,m::rw- ( this is what we expected though the mask ACL is changed to m::rw- not m::rwx ) It seems that mask ACL has no effect on creating file on samba client. But I am wrong, repeat the steps listed below, just change default acl on 'public' as 'u::rwx,g::rw-,o::r--' without mask ACL, I get the same ACLs of file_linux and file_samba. I am still afraid that I can't describe this case well, but I hope I can get some help from samba group or xfs group .=20 :) Juer
On 2001.12.18 11:53:33 +0100 Juer Lee wrote:> Hello samba guys and XFS guys, > It seems that mask ACL has no effect on creating file on samba client. > But I am wrong, repeat the steps listed below, just change default acl > on 'public' as 'u::rwx,g::rw-,o::r--' without mask ACL, I get the same > ACLs of file_linux and file_samba. > > I am still afraid that I can't describe this case well, but I hope I can > get some help from samba group or xfs group .Hi, I had the same problem (not resolved now). The thing has to be changed is samba code. The function 'open' creating file should be called with 0777 permissions if the parent directory has ACL support, and has default ACLs. Regards, Olaf Here is a proposal sent to Jeremy Allison in October: If we have default acls then we should create a file in this way: fd=open("test_touch", O_WRONLY | O_CREAT | O_NONBLOCK | O_NOCTTY, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH); This is exacltly, as it 'touch' does. And it is perfect. To find out if parent directory has default acl we can use: struct acl *test_acl; test_acl=acl_get_file("ParentDirectoryName",ACL_TYPE_DEFAULT); if(test_acl) /*The call was successful*/ { if(test_acl->acl_cnt) { /*we have default ACL, new code here*/ } else { /*we don't have default ACL, old code here*/ } } else { /* ACL are not supported, or an error occured, old code here */ }