similar to: inherit acls and inherit permissions = execute bit always set?

We are running a fileserver (Samba version 3.0.10-1.4E.9) on CentOS 4.4. No AD, clients are Windows XP and OS X. Linux acl's are used for access to directories and files. Each top-level folder belongs to a primary group with mode 2770. The acl's restrict access to lower level directories. We need to pass the acl's down the directory tree or else users may have unexpected access to

Hi, I have a share (testshare) where different unix groups (testgroup1, testgroup2) should have access to. But I want that new files are only created with 660 permissions. Here are the ACL's of testshare: # file: testshare # owner: ralfgro # group: ve user::rwx group::rwx group:testgroup1:rwx group:testgroup2:rwx mask::rwx other::--- default:user::rwx default:group::---

Hi Lorenzo and Dale, My setup is like Lorenzo's completely based on setgid being propagated. The filesystem should determine the group used starting at a certain directory. Different "root" directories have different groups, and security is based on groups, not users. I tried all sorts of settings combinations, alseo "force directory mode = 2770", but none propagates

Are any of you using the Intel 320 as ZIL? It''s MLC based, but I understand its wear and performance characteristics can be bumped up significantly by increasing the overprovisioning to 20% (dropping usable capacity to 80%). Anyone have experience with this? Ray

So what does everyone out there use to generate web statistics these days? Are the tried and true awstats or webalizer still the best out there? Ray

Hey all, I'm having some trouble getting PHP5 w/ CentOS 5 to connect to a remote MySQL server using the standard mysql_connect() call. Yes, MySQL libraries are installed along with php-mysql... The only way I can get it to work is to run setenforce Permissive, otherwise the connection fails. The annoying thing is that nothing at all shows up in my /var/log/messages file describing why

I'm trying to join my FC6 box to our Active Directory domain. For the most part the setup was pretty straightforward, but it just doesn't seem like winbind separator is being honored. When I do a 'getent passwd' I get the following: AVWORLD\johnXXXX:*:16782801:16777216:XXXXXXXX:/home/AVWORLD/johnXXXX:/bin/bash

Hi all; We have a Solaris 10 U9 x86 instance running on Silicon Mechanics / SuperMicro hardware. Occasionally under high load (ZFS scrub for example), the box becomes non-responsive (it continues to respond to ping but nothing else works -- not even the local console). Our only solution is to hard reset after which everything comes up normally. Logs are showing the following: Jan 8

Hello everyone, I'm doing some tests with ACL's and even though I can create a "default" ACL for a directory (that includes "rwx" for the default owner), when I finally create a file wihin that directory the execute bit is chopped off: [joe at machine ~]$ mkdir mydir [joe at machine ~]$ setfacl -d -m u::rwx,g::-,o::- mydir/ [joe at machine ~]$ cd mydir [joe at

thanks for suggestion, in other words you use only ACLs for users denying all for groups, unfortunately we had many group such as domain users, secretary, finance, etc belonging to users for which we need to apply at least 770 in order to gain a simplified permission management using groups the actual dirty workaround I applied was to track new files/dir by tailing with follow ( tail -f ) a

We recently had a disk fail on one of our whitebox (SuperMicro) ZFS arrays (Solaris 10 U9). The disk began throwing errors like this: May 5 04:33:44 dev-zfs4 scsi: [ID 243001 kern.warning] WARNING: /pci at 0,0/pci8086,3410 at 9/pci15d9,400 at 0 (mpt_sas0): May 5 04:33:44 dev-zfs4 mptsas_handle_event_sync: IOCStatus=0x8000, IOCLogInfo=0x31110610 And errors for the drive were

Hi Vincent, have you found a solution that makes "force directory mode = 2770" able to apply to new created folders ? I have a similar problem: if I set by hand (eg. chmod 2770) the folder A and then I try to create an X element into that folder through samba I get the result needed ( group of X become overriden from parent folder A ) but the problem is that the new element X not

After a decent amount of online searches, I am a little bit lost on the subject of Samba4 in AD mode and ACL's. Could anybody help with the following please: 1. Is it correct that my default ACL's are being ignored (new files created don't follow the default ACL's permissions of the parent folder) because "inherit permissions = " is set to No by default in smb.conf?

I've gotten samba working with ACLs over an XFS filesystem. Everything works pretty well with knowledge of the workarounds (cannot remove group everyone, etc.) The only major problem I have is that ACLs don't inherit correctly. The default in Windows 2000 is to have a sub folder inherit the permissions of the folder it is in on creation. By default, the Samba share's folders don't

Hi, assume two folders (directory A and B) with the sgid-bit (2770) enabled, owned by different groups and located on the same samba-share with "inherit permissions" option enabled for the share: moving some files on a windows machine from directory A to dir B the group-ownership of the files do not change to the group owning directory B. Is this feature or bug? Copying works as

It might help if you view the default directory ACLs using the getfacl utility. These are what will be inherited by stuff created in the lower directories. I would ask yourself if you actually need ACLs at all. The Samba share permissions are pretty thorough and life is far easier without ACLs as you can clearly see what permissions are in use and backups are not an issue. ACLs can quickly

Hello I have a problem with POSIX ACLs. I have created a directory with these ACLs: > getfacl . # file: . # owner: testuser # group: tls user::rwx group::rwx group:ptls:r-x mask::rwx other::--- default:user::rwx default:group::rwx default:group:tls:rwx default:group:ptls:r-x default:mask::rwx default:other::--- When I create a file in it, it inherits the containing directory's default

Hello, I have a samba4 PDC and I would like to give access to linux and windows users the same home directory. -> On the server, samba seems respect the Unix rights and Acls on the shared file system with winbind. So I can control directly the rights for my samba4 users/groups with the standard unix tools (chown, chmod, setfacl...) -> On windows clients, everything works fine ! Acl, Dos

On Thu, 20 Dec 2018 01:32:16 -0800 christian russell <christian.baltini at gmail.com> wrote: > Hi Rowland, I see the typo now too — I retyped it from scratch … oops. > > Here it is. > > [global] > workgroup = HOME > netbios name = IPA > realm = HOME.FRAPLIN.FUN > kerberos method = dedicated keytab > dedicated keytab file =

These are the latests.. And the Why, Andrew already explain. Due to the mappings with windows acls. If the exec bit is missing, no windows programm will be allowed to start of a share. If i download an msi file to install and put it on a share, its not allowed to execute it. Which is exact what i want in my case. You might want to read