Hi list,
i'm using Samba 3.0.14a as standalone-pdc with posix-acl-features.
On the fileserver i've mounted an ext3 partition to /home
/dev/hdc2 /home type ext3 (rw,usrquota,acl)
The following directory structur exists on /home
/home
+-/public_folder (exported per samba as \\fileserver\public )
|
+-/a
| +-/a_ann
| | +-/anyfolder
| | +- anyfiles
| +-/a_bert
| +-/a_sven
| +-/a_eve
|
+-/b
+-/b_4
+-/b_5
+-/b_6
The following users exists:
ann
bert
sven
eve
Currently following ACL are set:
/a
- "inherit" at the filesystem is disabled by using setfacl -k
- for any user with an own subdirectory a_<username> exists an
ACE to allow Read and eXecute
/a/a_ann
- "inherit" at the filesystem is disabled by using setfacl -k
- ACE exist for ann to allow Read and eXecute and Write
/a/a_ann/anyfolder and
file /a/a_ann/anyfolder/anyfiles
- "inherit" is _not_ disabled
- no special ACE set
... and so on for all the other subfolders of /a with separat username
My Problem:
If a new user needs an new folder at /a for instance /a/a_sebastian i
create them and setup a new ACE at /a to allow the user sebastian Read
an eXecute at /a.
At this moment it seems as if Samba changes the ACL of all subfolders of
/a to re-enable the ACL-inherit of the posix-acl. Now every user, which
exist as ACE in /a is able to browse any subfolder of /a and there
subfolders.
How to solve my problem?
Thx
Sebastian
Hi list,
i'm using Samba 3.0.14a as standalone-pdc with posix-acl-features.
On the fileserver i've mounted an ext3 partition to /home
/dev/hdc2 /home type ext3 (rw,usrquota,acl)
The following directory structur exists on /home
/home
+-/public_folder (exported per samba as \\fileserver\public )
|
+-/a
| +-/a_ann
| | +-/anyfolder
| | +- anyfiles
| +-/a_bert
| +-/a_sven
| +-/a_eve
|
+-/b
+-/b_4
+-/b_5
+-/b_6
The following users exists:
ann
bert
sven
eve
Currently following ACL are set:
/a
- "inherit" at the filesystem is disabled by using setfacl -k
- for any user with an own subdirectory a_<username> exists an
ACE to allow Read and eXecute
/a/a_ann
- "inherit" at the filesystem is disabled by using setfacl -k
- ACE exist for ann to allow Read and eXecute and Write
/a/a_ann/anyfolder and
file /a/a_ann/anyfolder/anyfiles
- "inherit" is _not_ disabled
- no special ACE set
... and so on for all the other subfolders of /a with separat username
My Problem:
If a new user needs an new folder at /a for instance /a/a_sebastian i
create them and setup a new ACE at /a to allow the user sebastian Read
an eXecute at /a.
At this moment it seems as if Samba changes the ACL of all subfolders of
/a to re-enable the ACL-inherit of the posix-acl. Now every user, which
exist as ACE in /a is able to browse any subfolder of /a and there
subfolders.
How to solve my problem?
Thx
Sebastian