Noel Kelly
2002-Feb-21 07:13 UTC
[Samba] Windows changes file ownership & ACL's - any solution ?
I thought I had read a response to this. Went something like this: Word (and lots of others such apps) do not actually deal with the original file. They create a temporary file which overwrites the original when you save the new document. The 'new' file of course inherits the new editor's ownership. Hope this helps you. Noel -----Original Message----- From: Josh Konkol [mailto:susesambaboy@yahoo.com] Sent: 21 February 2002 14:55 To: samba@lists.samba.org Subject: [Samba] Windows changes file ownership & ACL's - any solution? I'm re-posting this only because I didn't get any responses before. ANY help is very much appreciated. I'm running SuSE 7.0, Samba 2.2.2 w/Winbind, Pam, on 2.2.20 Kernel w/ACL Support. I have just verified that I'm having this same problem. Exactly. I saved a file on a Samba share, then I verified I was the owner. I then went to a co-worker's computer and opened, edited, saved the file with M$ Word. Now when I look at ownership, it is set to him as the owner and the permissions are reset. When I follow the same steps using Notepad, the ownership and permissions aren't changed. Here are the settings for my share: [share] comment = Test Winbind Share path = /mnt/share create mask = 0777 browseable = Yes writeable = yes Here is the ACL for the file before I edited it with M$ Word. linux10:/mnt/share # getfacl acltest.doc # file: acltest.doc # owner: DOMAIN+$ejwk # group: DOMAIN+Domain Users user::rwx user:DOMAIN+I10201:rwx group::rw- mask::rwx other::rw- Here is the ACL for the file After I edited it with M$ Word. linux10:/mnt/share # getfacl acltest.doc # file: acltest.doc # owner: DOMAIN+I10201 # group: DOMAIN+Domain Users user::rwx group::rw- other::rw- How do we work around this problem. Anyone have any ideas or having the same problems ?? TIA Josh Konkol _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Josh Konkol
2002-Feb-21 07:58 UTC
[Samba] Windows changes file ownership & ACL's - any solution ?
So then what good are ACL's if they're going to be overwritten each time the file is accessed? Am I the only one here to sees this as a real problem? I'm ready to implement Samba full-force, but this IMHO is a big issue. ANY feedback right now is appreciated Josh On Thursday 21 February 2002 09:05, Noel Kelly wrote:> I thought I had read a response to this. Went something like this: > > Word (and lots of others such apps) do not actually deal with the original > file. They create a temporary file which overwrites the original when you > save the new document. The 'new' file of course inherits the new editor's > ownership. > > Hope this helps you. > > Noel > > -----Original Message----- > From: Josh Konkol [mailto:susesambaboy@yahoo.com] > Sent: 21 February 2002 14:55 > To: samba@lists.samba.org > Subject: [Samba] Windows changes file ownership & ACL's - any solution? > > > I'm re-posting this only because I didn't get any responses before. ANY > help > is very much appreciated. > > I'm running SuSE 7.0, Samba 2.2.2 w/Winbind, Pam, on 2.2.20 Kernel w/ACL > Support. > > I have just verified that I'm having this same problem. Exactly. I saved > a > > file on a Samba share, then I verified I was the owner. I then went to a > co-worker's computer and opened, edited, saved the file with M$ Word. Now > when I look at ownership, it is set to him as the owner and the permissions > are reset. When I follow the same steps using Notepad, the ownership and > permissions aren't changed. > > Here are the settings for my share: > > [share] > comment = Test Winbind Share > path = /mnt/share > create mask = 0777 > browseable = Yes > writeable = yes > > Here is the ACL for the file before I edited it with M$ Word. > > linux10:/mnt/share # getfacl acltest.doc > # file: acltest.doc > # owner: DOMAIN+$ejwk > # group: DOMAIN+Domain Users > user::rwx > user:DOMAIN+I10201:rwx > group::rw- > mask::rwx > other::rw- > > Here is the ACL for the file After I edited it with M$ Word. > > linux10:/mnt/share # getfacl acltest.doc > # file: acltest.doc > # owner: DOMAIN+I10201 > # group: DOMAIN+Domain Users > user::rwx > group::rw- > other::rw- > > How do we work around this problem. > > Anyone have any ideas or having the same problems ?? > > TIA > > Josh Konkol > > > > _________________________________________________________ > Do You Yahoo!? > Get your free @yahoo.com address at http://mail.yahoo.com_________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com
David Brodbeck
2002-Feb-21 09:00 UTC
[Samba] Windows changes file ownership & ACL's - any solution ?
Does an NT server behave any differently? My solution is to not rely on the owner being any particular user. Set things up (either with default ACLs on the folders, or with 'force group' and 'create mode') so that the proper people will always have group read/write access to the files. This also lets you make sure that new files will have the proper permissions. For example, we might have an Engineering/R&D folder with default ACLs like this: DOMAIN+Engineering:rx DOMAIN+R&D:rwx Now every file and folder created in that directory will have read access for people in the Engineering group, and read/write access for people in the R&D group. The only time it matters who owns the file is if someone wants to change the attributes or ACLs on it, since attributes and ACLs can only be changed by the owner or by root. -----Original Message----- From: Josh Konkol [mailto:susesambaboy@yahoo.com] Sent: Thursday, February 21, 2002 11:44 AM To: Noel Kelly; samba@lists.samba.org Subject: Re: [Samba] Windows changes file ownership & ACL's - any solution ? So then what good are ACL's if they're going to be overwritten each time the file is accessed? Am I the only one here to sees this as a real problem? I'm ready to implement Samba full-force, but this IMHO is a big issue. ANY feedback right now is appreciated Josh On Thursday 21 February 2002 09:05, Noel Kelly wrote:> I thought I had read a response to this. Went something like this: > > Word (and lots of others such apps) do not actually deal with the original > file. They create a temporary file which overwrites the original when you > save the new document. The 'new' file of course inherits the new editor's > ownership. > > Hope this helps you. > > Noel > > -----Original Message----- > From: Josh Konkol [mailto:susesambaboy@yahoo.com] > Sent: 21 February 2002 14:55 > To: samba@lists.samba.org > Subject: [Samba] Windows changes file ownership & ACL's - any solution? > > > I'm re-posting this only because I didn't get any responses before. ANY > help > is very much appreciated. > > I'm running SuSE 7.0, Samba 2.2.2 w/Winbind, Pam, on 2.2.20 Kernel w/ACL > Support. > > I have just verified that I'm having this same problem. Exactly. I saved > a > > file on a Samba share, then I verified I was the owner. I then went to a > co-worker's computer and opened, edited, saved the file with M$ Word. Now > when I look at ownership, it is set to him as the owner and thepermissions> are reset. When I follow the same steps using Notepad, the ownership and > permissions aren't changed. > > Here are the settings for my share: > > [share] > comment = Test Winbind Share > path = /mnt/share > create mask = 0777 > browseable = Yes > writeable = yes > > Here is the ACL for the file before I edited it with M$ Word. > > linux10:/mnt/share # getfacl acltest.doc > # file: acltest.doc > # owner: DOMAIN+$ejwk > # group: DOMAIN+Domain Users > user::rwx > user:DOMAIN+I10201:rwx > group::rw- > mask::rwx > other::rw- > > Here is the ACL for the file After I edited it with M$ Word. > > linux10:/mnt/share # getfacl acltest.doc > # file: acltest.doc > # owner: DOMAIN+I10201 > # group: DOMAIN+Domain Users > user::rwx > group::rw- > other::rw- > > How do we work around this problem. > > Anyone have any ideas or having the same problems ?? > > TIA > > Josh Konkol > > > > _________________________________________________________ > Do You Yahoo!? > Get your free @yahoo.com address at http://mail.yahoo.com_________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Noel Kelly
2002-Feb-22 00:36 UTC
[Samba] Windows changes file ownership & ACL's - any solution ?
That is exactly what we do. If you have an issue with only a single user having rights to a set of files then ask them to create a new folder in their shared area and they can change the ACLs to block access from others. Noel -----Original Message----- From: David Brodbeck [mailto:DavidB@mail.interclean.com] Sent: 21 February 2002 16:54 To: 'Josh Konkol'; Noel Kelly; samba@lists.samba.org Subject: RE: [Samba] Windows changes file ownership & ACL's - any solution ? Does an NT server behave any differently? My solution is to not rely on the owner being any particular user. Set things up (either with default ACLs on the folders, or with 'force group' and 'create mode') so that the proper people will always have group read/write access to the files. This also lets you make sure that new files will have the proper permissions. For example, we might have an Engineering/R&D folder with default ACLs like this: DOMAIN+Engineering:rx DOMAIN+R&D:rwx Now every file and folder created in that directory will have read access for people in the Engineering group, and read/write access for people in the R&D group. The only time it matters who owns the file is if someone wants to change the attributes or ACLs on it, since attributes and ACLs can only be changed by the owner or by root. -----Original Message----- From: Josh Konkol [mailto:susesambaboy@yahoo.com] Sent: Thursday, February 21, 2002 11:44 AM To: Noel Kelly; samba@lists.samba.org Subject: Re: [Samba] Windows changes file ownership & ACL's - any solution ? So then what good are ACL's if they're going to be overwritten each time the file is accessed? Am I the only one here to sees this as a real problem? I'm ready to implement Samba full-force, but this IMHO is a big issue. ANY feedback right now is appreciated Josh On Thursday 21 February 2002 09:05, Noel Kelly wrote:> I thought I had read a response to this. Went something like this: > > Word (and lots of others such apps) do not actually deal with the original > file. They create a temporary file which overwrites the original when you > save the new document. The 'new' file of course inherits the new editor's > ownership. > > Hope this helps you. > > Noel > > -----Original Message----- > From: Josh Konkol [mailto:susesambaboy@yahoo.com] > Sent: 21 February 2002 14:55 > To: samba@lists.samba.org > Subject: [Samba] Windows changes file ownership & ACL's - any solution? > > > I'm re-posting this only because I didn't get any responses before. ANY > help > is very much appreciated. > > I'm running SuSE 7.0, Samba 2.2.2 w/Winbind, Pam, on 2.2.20 Kernel w/ACL > Support. > > I have just verified that I'm having this same problem. Exactly. I saved > a > > file on a Samba share, then I verified I was the owner. I then went to a > co-worker's computer and opened, edited, saved the file with M$ Word. Now > when I look at ownership, it is set to him as the owner and thepermissions> are reset. When I follow the same steps using Notepad, the ownership and > permissions aren't changed. > > Here are the settings for my share: > > [share] > comment = Test Winbind Share > path = /mnt/share > create mask = 0777 > browseable = Yes > writeable = yes > > Here is the ACL for the file before I edited it with M$ Word. > > linux10:/mnt/share # getfacl acltest.doc > # file: acltest.doc > # owner: DOMAIN+$ejwk > # group: DOMAIN+Domain Users > user::rwx > user:DOMAIN+I10201:rwx > group::rw- > mask::rwx > other::rw- > > Here is the ACL for the file After I edited it with M$ Word. > > linux10:/mnt/share # getfacl acltest.doc > # file: acltest.doc > # owner: DOMAIN+I10201 > # group: DOMAIN+Domain Users > user::rwx > group::rw- > other::rw- > > How do we work around this problem. > > Anyone have any ideas or having the same problems ?? > > TIA > > Josh Konkol > > > > _________________________________________________________ > Do You Yahoo!? > Get your free @yahoo.com address at http://mail.yahoo.com_________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba