Hello
I have a problem with POSIX ACLs. I have created a directory with these
ACLs:
> getfacl .
# file: .
# owner: testuser
# group: tls
user::rwx
group::rwx
group:ptls:r-x
mask::rwx
other::---
default:user::rwx
default:group::rwx
default:group:tls:rwx
default:group:ptls:r-x
default:mask::rwx
default:other::---
When I create a file in it, it inherits the containing directory's default
ACLs and it's ACL mask is set to rw- (for directory it would be rwx), which
essentialy marks it not executable.
> touch test
# getfacl test
# file: test
# owner: root
# group: root
user::rw-
group::rwx #effective:rw-
group:tls:rwx #effective:rw-
group:ptls:r-x #effective:r--
mask::rw-
other::---
The problem arises when I create another file from a Windows machine on the
network drive which points to the same directory. The mask stays rwx as for
directory and file is executable.
> getfacl test.txt ### Empty text file created in Windows
# file: test.txt
# owner: hrubsa
# group: hrubsa
user::rwx
group::rwx
group:tls:rwx
group:ptls:r-x
mask::rwx
other::---
Relevant part of smb.conf:
read only = No
create mask = 0666
security mask = 0666
inherit acls = Yes
map acl inherit = Yes
map archive = No
map readonly = no
store dos attributes = Yes
wide links = No
After setting inherit acls = No, the create/security mask were applied to
standard unix permissions, but not on ACL entries.
> getfacl test2.txt
# file: test2.txt
# owner: hrubsa
# group: hrubsa
user::rw-
group::rw-
group:tls:rwx
group:ptls:r-x
mask::rwx
other::rw-
The problem is I need to share this directory through samba and use it on
Debian Linux at the same time, I don't want all files created in Windows to
be executable in Linux. Maybe I'm blind and I don't see the way to
configure
it, maybe it has to be changed in samba source to allow this behavior
(setting mode when creating new files?).
What do you think?
Thank you for your answers
--
Regards
Juraj Hrubsa