Greg Sloop <gregs@sloop.net>
2022-Mar-15 16:27 UTC
[Samba] Setting permissions on AD member file server
> ( > greg ) > > Do you mean -n/--no-mask [not -m - there is no -m switch] > > No, there IS -m (see man setfacl ) -m = modify.Well, yes and no. setfacl -m g:"domain users":rx /abc-zfs-01/ad-shared-folders/shared-files setfacl: Option -m: Invalid argument near character 3 You're right, there is a -m (it's further down in the man file, and I didn't see it) but the syntax of that command is wrong. And when I did not see the -m in the "options" section I assumed the -m was a typo. I'll see what it's complaining about and if I can fix it. Since I'm not entirely sure what you're intending to do, I am not sure I'll get it right - and I know nothing of substance about setfacl.
On Tue, 2022-03-15 at 09:27 -0700, Greg Sloop <gregs--- via samba wrote:> > ( > greg ) > > > Do you mean -n/--no-mask [not -m - there is no -m switch] > > > > No, there IS -m (see man setfacl ) -m = modify. > > Well, yes and no. > > setfacl -m g:"domain users":rx /abc-zfs-01/ad-shared-folders/shared- > files > setfacl: Option -m: Invalid argument near character 3The character number '3' is ' " ', try it this way: setfacl -m g:Domain\ Users:rx /abc-zfs-01/ad-shared-folders/shared- files Rowland
Greg Sloop <gregs@sloop.net>
2022-Mar-15 17:18 UTC
[Samba] Setting permissions on AD member file server
I think you need something like setfacl -m group:"AD\domain users":rx /abc-zfs-01/ad-shared-folders/shared-files/ [fully specifying the domain/group.] But, while that fixes the "invalid argument" - it still produces an "Operation not supported" error. And while I feel stupid, I'm not sure why - despite looking at the man file and trying a few things. On Tue, Mar 15, 2022 at 9:27 AM Greg Sloop <gregs at sloop.net> < gregs at sloop.net> wrote:> > ( > greg ) > > > Do you mean -n/--no-mask [not -m - there is no -m switch] > > > > No, there IS -m (see man setfacl ) -m = modify. > > Well, yes and no. > > setfacl -m g:"domain users":rx /abc-zfs-01/ad-shared-folders/shared-files > setfacl: Option -m: Invalid argument near character 3 > > You're right, there is a -m (it's further down in the man file, and I > didn't see it) but the syntax of that command is wrong. And when I did not > see the -m in the "options" section I assumed the -m was a typo. > > I'll see what it's complaining about and if I can fix it. Since I'm not > entirely sure what you're intending to do, I am not sure I'll get it right > - and I know nothing of substance about setfacl. > > >