On 10/02/2023 09:14, Stefan G. Weichinger via samba
wrote:> Am 10.02.23 um 10:01 schrieb Rowland Penny via samba:
>
>>> The yellow warning is there on shares belonging to root or
>>> Administrator (wrong)
>>
>> Problem is, Administrator shouldn't own anything on Unix.
>
> I understand. Will try to change that asap.
>
> But why the warning on shares also where the directory belongs to root
> on the linux filesystem?
>
> Just tested that again with a test share:
>
> chown to root:10512 (domain-admins), chmod 770 ... same yellow warning
> in the dialog (with the 2 corrected DNS-IPs in resolv.conf also)
>
>>> Reading
>>>
https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs again,
sure.
>>>
>>> I don't have "acl_xattr:ignore system acls = yes" ...
changing that
>>> sounds dangerous, especially while there are dozens of active users
>>> on the server right now.
>>
>> That does exactly what it says, the normal 'ugo' Unix
permissions will
>> be ignored and only permissions set from Windows (and stored in an EA)
>> will be used by Samba.
>
> Should I set that or not?
>
> Is there a best practice to fix that on productive machines without
> breaking stuff?
>
> The users work with the shares for years now, I am not even sure if that
> yellow warning for those "claim types" is relevant at all in my
case ...
> as I seem to be able to add/edit perms anyway.
>
>
It is one of those 'Marmite' things, you either love it or hate it. I
have never used it, but Louis insisted on it.
I, personally would test this out on a test machine, if it fixes your
problem, then great, use it.
Rowland