hi,
i'm tried to setup a samba-server with ACL support.
i realized that this is still not what Users might look for.
here are some things that are anoying:
- POSIX-ACLs only support rwx
- a user, group or everybody with the rights rwx seem to have "Full
Access" (in the Windows-Explore) although "Full Access" includes
the
ability to change the ACL - but this is only allowed for the owner of
the file.
- the right to change ACLs doesn't exists - so the root is again your
best/only friend when changing rights
than i read about VFS support - but realized, that this is nothing
useful for me yet.
i would suggest the following:
samba must perform a limited number of IO-operations on the filesystem.
the acl-implementations seem differ. so i would think of forming a API
for filesystem-libraries which could be implemented without the need to
get into the whole samba-sourcetree.
this filesystem-libraries could be loaded on runtime - or perhaps be
compiled in as a certain kind of module.
this filesystem-libraries could be used to implement:
- diffent native acl-support
- perhaps a file- or database-based acl storing
- any other things that have to do with file-IO
that means, that these libraries should get as much data as available -
for example the reduction from windows-acls to posix-acls should happen
within these libraries - and not within samba cause this would limit the
use of the library.
VFS works with scripts at the moment - when i understood everything
right. this is just to slow - a dynamically loaded library is much
faster. VFS also doesn't support ACLs - or does it?
Thx for reading.
