Hi,
i have a running samba+ctdb installation with samba as a domain-member.
everything works but the acl's. The users want to be able to set
permissions on the share. glusterfs does not support extended acls, so i
am using acl_xattr. xattr is installed and i can manually set attributes
using setfattr on the shared-directory. if i try to set the permissions
using a winxp client i'll get a "Permissions Denied". It's
strange that
the file is also "Write Protected" in the Windows-File-Properties. At
the samba-server the file's owner is the user i am using, and has
777-Rights.
I have the same problem when i use acl_tdb.
Does anyone have an idea?
This is my config:
glusterfs (xfs-backend) + ctdb
Samba(3.4.8):
[global]
workgroup = OFFICE
realm = OFFICE.MAY.CO.AT
netbios name = DSLIN
server string = %h server
security = ADS
obey pam restrictions = Yes
password server = winserver.example.com
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
unix password sync = Yes
log file = /var/log/samba/log.%m
max log size = 1000
clustering = Yes
dns proxy = No
panic action = /usr/share/samba/panic-action %d
idmap backend = tdb2
idmap uid = 10000-20000
idmap gid = 10000-20000
template homedir = /mnt/gluster/daten/homes/%U
template shell = /bin/bash
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes
[homes]
comment = Home Directories
path = /mnt/gluster/daten/homes/%U
valid users = %S
read only = No
create mask = 0700
directory mask = 0700
browseable = No
browsable = No
[share]
path = /mnt/gluster/daten/share/
read only = No
inherit permissions = Yes
inherit acls = Yes
guest ok = Yes
map acl inherit = Yes
vfs objects = acl_xattr
