Travis Bullock
2005-Jan-21 16:05 UTC
[Samba] More help on ACL problem please...anyone...anyone...Bueller?
Hello, I am running Fedora Core 2. Kernel: linux-2.6.5-1.358 Kernel supports ACL: [root@atlas configs]# grep FS_SECURITY kernel-2.6.5-i686-smp.config CONFIG_EXT2_FS_SECURITY=y CONFIG_EXT3_FS_SECURITY=y CONFIG_XFS_SECURITY=y CONFIG_DEVPTS_FS_SECURITY=y [root@atlas configs]# grep XATTR kernel-2.6.5-i686-smp.config CONFIG_EXT2_FS_XATTR=y CONFIG_EXT3_FS_XATTR=y CONFIG_DEVPTS_FS_XATTR=y Have extended attributes set in /etc/fstab is as follows: /dev/Goliath/root / ext3 acl,user_xattr 1 1 I have a directory called Planning with ACL permissions assigned via the setfacl command: drwxrwx---+ 2 root AVMAX+Planning 4096 Jan 14 09:55 Planning which looks like this with getfacl: [root@atlas avamx_shares]# getfacl Planning/ # file: Planning # owner: root # group: AVMAX+Planning user::rwx group::rwx group:AVMAX+Domain Users:r-- mask::rwx other::--- Problem: If I add my user to the AVMAX+Planning group on my NT DOMAIN PDC there is no problem. I can browse to the Planning directory via My Network Places. However if I remove my account from the AVMAX+Planning group and browse to the Planning directory it prompts me for a password. Because my account is by default a member of the AVMAX+Domain Users and I have configured (i think) the Planning directory ACL to allow read access to the AVMAX+Domain Users group.....I should be able to browse this directory without being prompted for a username and password.... QUESTION: What did I do wrong or not do at all to make the applied ACL function correctly and allow all users in the AVMAX+Domain Users group read acces to the Planning samba share? Cheers, Travis
Travis Bullock
2005-Jan-24 15:59 UTC
[Samba] More help on ACL problem please...anyone...anyone...Bueller?
Hello, I am running Fedora Core 2. Kernel: linux-2.6.5-1.358 Kernel supports ACL: [root@atlas configs]# grep FS_SECURITY kernel-2.6.5-i686-smp.config CONFIG_EXT2_FS_SECURITY=y CONFIG_EXT3_FS_SECURITY=y CONFIG_XFS_SECURITY=y CONFIG_DEVPTS_FS_SECURITY=y [root@atlas configs]# grep XATTR kernel-2.6.5-i686-smp.config CONFIG_EXT2_FS_XATTR=y CONFIG_EXT3_FS_XATTR=y CONFIG_DEVPTS_FS_XATTR=y Have extended attributes set in /etc/fstab is as follows: /dev/Goliath/root / ext3 acl,user_xattr 1 1 I have a directory called Planning with ACL permissions assigned via the setfacl command: drwxrwx---+ 2 root AVMAX+Planning 4096 Jan 14 09:55 Planning which looks like this with getfacl: [root@atlas avamx_shares]# getfacl Planning/ # file: Planning # owner: root # group: AVMAX+Planning user::rwx group::rwx group:AVMAX+Domain Users:r-- mask::rwx other::--- Problem: If I add my user to the AVMAX+Planning group on my NT DOMAIN PDC there is no problem. I can browse to the Planning directory via My Network Places. However if I remove my account from the AVMAX+Planning group and browse to the Planning directory it prompts me for a password. Because my account is by default a member of the AVMAX+Domain Users and I have configured (i think) the Planning directory ACL to allow read access to the AVMAX+Domain Users group.....I should be able to browse this directory without being prompted for a username and password.... QUESTION: What did I do wrong or not do at all to make the applied ACL function correctly and allow all users in the AVMAX+Domain Users group read acces to the Planning samba share? Cheers, Travis