Hi !
I?m currently testing samba-3.0.0rc4 as a pdc with acl-support.
The box runs with debian-linux and a xfs-enabled 2.4.22-kernel.
I have defined a share which is located on a xfs-partition.
(changing acls with setfacl works well)
I activated the flag : nt acl support = yes
If I now try to change acls, i can open the win2k-acl-dialoge -
but changes are not accepted by a "permission denied" message.
Whats wrong ?
Where can i get addtional informations about this ?
Best regards
Marc Schoechlin
my smb.conf:
--
[global]
netbios name = UMLSERV
workgroup = UML
admin users = @admins
server string = Samba Server
passdb backend = smbpasswd, guest
log level = 3
load printers = yes
log file = /usr/local/samba/var/log.%m
# max log size = 50
security = user
encrypt passwords = yes
socket options = TCP_NODELAY
domain master = yes
add user script = /usr/sbin/useradd -d /dev/null -g machines -c 'Desktop
PC' -s /bin/false -M %u
preferred master = yes
domain logons = yes
local master = yes
os level = 65
logon path = \\%L\profiles\%u
logon drive = Z:
logon script = logon.cmd
nt acl support = yes
#inherit acls = yes
#map acl inherit = yes
#profile acls = yes
[homes]
comment = Home Directories
browseable = no
writable = yes
[netlogon]
comment = Network Logon Service
path = /serv/netlogon
read only = yes
write list = ntadmin
[profiles]
path = /serv/profiles
read only = no
create mask = 0600
directory mask = 0700
#browseable = yes
[printers]
comment = All Printers
path = /usr/spool/samba
browseable = no
guest ok = no
writable = no
printable = yes
public = yes
[public]
comment = Public Stuff
path = /serv/share
public = yes
writable = yes
printable = no
write list = @users
--
--
Gruss / Best regards | LF.net GmbH | fon +49 711 90074-413
Marc Schoechlin | Ruppmannstr. 27 | fax +49 711 90074-33
ms@LF.net | D-70565 Stuttgart | http://www.lf.net
Hi,> I?m currently testing samba-3.0.0rc4 as a pdc with acl-support. > > The box runs with debian-linux and a xfs-enabled 2.4.22-kernel. > > I have defined a share which is located on a xfs-partition. > (changing acls with setfacl works well) > > I activated the flag : nt acl support = yes > > If I now try to change acls, i can open the win2k-acl-dialoge - > but changes are not accepted by a "permission denied" message. > > Whats wrong ? > > Where can i get addtional informations about this ?I don't know about samba 3, but in samba 2.2.x acl support was an option to be set at configure time (before compiling). The smb.conf option "nt acl support" only maps the ordinary unix permissions to acl-like entries: nt acl support (S) This boolean parameter controls whether smbd(8) will attempt to map UNIX permissions into Windows NT access control lists. This parameter was formally a global parameter in releases prior to 2.2.2. Default: nt acl support = yes So you normally only get three entries: one for the user, one for the group, one for everybody. Christopher -- ===================================================== Dipl.-Ing. Christopher Odenbach HNI Rechnerbetrieb odenbach@uni-paderborn.de Tel.: +49 5251 60 6215 ======================================================