samba - Jul 2009 - can not read file permissions via samba over gpfs

Hi,

I am using samba samba3-3.3.4-39, with ctdb ctdb-1.0-69.x86_64, gpfs
gpfs-3.2.1 on centos 5.3 x86_64.
My problem is that from samba share I can't read file permissions and file
ownership, although I'm in "domain admins" group, which has full
permissions(rwx) via inherited acl (not user or group ownership).
If I'm in a group that owns the file, I can read the permissions, all
permissions for other users are none.
Example:
#owner:kavin
#group:prod
user::rwxc
group::----
other::----
mask::rwxc
group:media:rwx-
group:editors:r-x-
group:prod:rwx-
group:domain admins:rwx-

In this example, I can't see the file owner or permissions, if I add myself
to prod group, I could.

My question is, why can't I see those file permissions although I'm in
"domain admins" group that has full permissions?
With nfs client everything works file. I'm using nfsv3 only.

I'm attaching samba configuration files.

Thanks,
David

I'm adding the samba configuration file content, I think the attached file
wasn't not sent :-(, sorry...

[global]
        netbios name = atlas
        disable netbios = yes
        server string = ATLAS Storage Device(Linux-GPFS)
        realm = DOMAIN.COM
        workgroup = DOMAIN
        security = ADS
        password server = domainad
        encrypt passwords = yes
        hosts allow = 192.168.44.0/255.255.252.0 127.
        hosts deny = 0.0.0.0/0.0.0.0
        guest account = nobody
        log file = /var/log/samba/samba.log
        unix charset = UTF8
        username map = /etc/samba/user.map
        deadtime = 15
        client schannel = no
        wins server = domainad
        printcap name = /dev/null
        load printers = no
        dns proxy = no
        obey pam restrictions = yes
        pam password change = yes
        winbind separator = /
        winbind use default domain = yes
        idmap backend = tdb2
        idmap uid = 100000000-999999999
        idmap gid = 100000000-999999999
        idmap config DOMAIN : backend = ad
        idmap config DOMAIN : range = 1-99999999
        clustering = yes
        #private dir = /gpfs/clusterprivdir/smb
        fileid:mapping = fsname
        vfs objects = gpfs fileid
        gpfs:sharemodes = No
        winbind enum users = yes
        winbind enum groups = yes
        winbind nested groups = yes
        winbind nss info = sfu
        template shell = /bin/false
        valid users = @"DOMAIN/Domain Users"
        admin users = "DOMAIN/administrator"

#=================[public]
        path = /gpfs/filesets/public
        comment = Public
        browseable = yes
        writable = yes
        dos filemode = yes
        force create mode = 0775
        create mask = 0775
        security mask = 0775
        directory security mask = 0775
        force directory mode = 0775
        admin users = "DOAMIN/administrator" "administrator"
"Administrator"
        map acl inherit = yes

David

On Wed, Jul 15, 2009 at 10:00 AM, David <david.peer at gmail.com> wrote:
> Hi,
>
> I am using samba samba3-3.3.4-39, with ctdb ctdb-1.0-69.x86_64, gpfs
> gpfs-3.2.1 on centos 5.3 x86_64.
> My problem is that from samba share I can't read file permissions and
file
> ownership, although I'm in "domain admins" group, which has
full
> permissions(rwx) via inherited acl (not user or group ownership).
> If I'm in a group that owns the file, I can read the permissions, all
> permissions for other users are none.
> Example:
> #owner:kavin
> #group:prod
> user::rwxc
> group::----
> other::----
> mask::rwxc
> group:media:rwx-
> group:editors:r-x-
> group:prod:rwx-
> group:domain admins:rwx-
>
> In this example, I can't see the file owner or permissions, if I add
myself
> to prod group, I could.
>
> My question is, why can't I see those file permissions although I'm
in
> "domain admins" group that has full permissions?
> With nfs client everything works file. I'm using nfsv3 only.
>
> I'm attaching samba configuration files.
>
> Thanks,
> David
>
>