Greg Sloop <gregs@sloop.net>
2022-Mar-15 17:18 UTC
[Samba] Setting permissions on AD member file server
I think you need something like setfacl -m group:"AD\domain users":rx /abc-zfs-01/ad-shared-folders/shared-files/ [fully specifying the domain/group.] But, while that fixes the "invalid argument" - it still produces an "Operation not supported" error. And while I feel stupid, I'm not sure why - despite looking at the man file and trying a few things. On Tue, Mar 15, 2022 at 9:27 AM Greg Sloop <gregs at sloop.net> < gregs at sloop.net> wrote:> > ( > greg ) > > > Do you mean -n/--no-mask [not -m - there is no -m switch] > > > > No, there IS -m (see man setfacl ) -m = modify. > > Well, yes and no. > > setfacl -m g:"domain users":rx /abc-zfs-01/ad-shared-folders/shared-files > setfacl: Option -m: Invalid argument near character 3 > > You're right, there is a -m (it's further down in the man file, and I > didn't see it) but the syntax of that command is wrong. And when I did not > see the -m in the "options" section I assumed the -m was a typo. > > I'll see what it's complaining about and if I can fix it. Since I'm not > entirely sure what you're intending to do, I am not sure I'll get it right > - and I know nothing of substance about setfacl. > > >
What's the underlying filesystem on your linux fileserver? On 3/15/22 12:18, Greg Sloop <gregs--- via samba wrote:> I think you need something like > setfacl -m group:"AD\domain users":rx > /abc-zfs-01/ad-shared-folders/shared-files/ > [fully specifying the domain/group.] > > But, while that fixes the "invalid argument" - it still produces an > "Operation not supported" error. > And while I feel stupid, I'm not sure why - despite looking at the man file > and trying a few things. > > On Tue, Mar 15, 2022 at 9:27 AM Greg Sloop <gregs at sloop.net> < > gregs at sloop.net> wrote: > >>> ( > greg ) >>> > Do you mean -n/--no-mask [not -m - there is no -m switch] >>> >>> No, there IS -m (see man setfacl ) -m = modify. >> >> Well, yes and no. >> >> setfacl -m g:"domain users":rx /abc-zfs-01/ad-shared-folders/shared-files >> setfacl: Option -m: Invalid argument near character 3 >> >> You're right, there is a -m (it's further down in the man file, and I >> didn't see it) but the syntax of that command is wrong. And when I did not >> see the -m in the "options" section I assumed the -m was a typo. >> >> I'll see what it's complaining about and if I can fix it. Since I'm not >> entirely sure what you're intending to do, I am not sure I'll get it right >> - and I know nothing of substance about setfacl. >> >> >>