Prev: No sound for Acer Aspire M3202 desktop computer on 32-bit kubuntu 8.04
Next: CUPS admin
From: Neil T. Dantam on 10 Sep 2009 16:17

I'm trying to use samba between two linux machines, and am having some
trouble getting it to handle default acls just right. Here is an
example:

ntd(a)server ~humanoids $ getfacl .
# file: .
# owner: root
# group: humanoids
user::rwx
group::rwx
other::---
default:user::rwx
default:group::rwx #effective:rw-
default:group:humanoids:rwx #effective:rw-
default:mask::rw-
default:other::---

ntd(a)server ~humanoids $ touch foo
ntd(a)server ~humanoids $ getfacl foo
# file: foo
# owner: ntd
# group: ntd
user::rw-
group::rwx #effective:rw-
group:humanoids:rwx #effective:rw-
mask::rw-
other::---

All is good so locally on the server machine. I have a default acl
and it gets set properly for the newly created file. But, when I'm on
the client...

ntd(a)client ~ $ sudo mount -t cifs -o \
username=ntd,acl,uid=ntd,gid=ntd \
//server/humanoids humanoids
ntd(a)client $ cd humanoids
ntd(a)client $ touch bar
ntd(a)client $ getfacl bar
# file: bar
# owner: ntd
# group: ntd
user::rw-
group::r--
group:humanoids:rwx
mask::rwx
other::r--

In this case, the acl mask (and group permissions) are not being set
properly. I've tried various combinations of Samba inherit acls,
inherit permissions, enable/disabling nt acls, and changing the create
mode option, but nothing seems to have much affect. I can still use
`setfacl bar' on the client to fix things up, but I'd really like for
the file to be created with the right permissions in the first place.

Does anyone have any insight into what's actually going on here?

--
Neil
From: Neil T. Dantam on 11 Sep 2009 10:22
Nico Kadel-Garcia wrote:
> On Sep 10, 4:34 pm, The Natural Philosopher <t...(a)invalid.invalid>
> wrote:
>> Neil T. Dantam wrote:
>
> Umm. Unless you've gone through the extra steps to set up genuine
> authentication, NFS has a couple of issues.
> ...

That's been my perception, and the reason I've tried to go with Samba.

> Neil, you didn't mention which Samba version you are using, and which
> Linux OS. It might make a difference on available options, although
> I've avoided the ACL complexities myself.

I'm using Debian Lenny, Samba 3.2.5, on the server, and Ubuntu Jaunty,
Samba 3.3.2, Kernel 2.6.28-15-generic, on the client.

--
Neil
From: Aragorn on 11 Sep 2009 11:42
On Friday 11 September 2009 16:22, someone identifying as *Neil T.
Dantam* wrote in /comp.os.linux.setup:/

> I'm using Debian Lenny, Samba 3.2.5, on the server, and Ubuntu Jaunty,
> Samba 3.3.2, Kernel 2.6.28-15-generic, on the client.

I seem to remember that the issue of Samba/CIFS not respecting
permissions has been corrected in kernel 2.6.30 from reading the
Changelog.

--
*Aragorn*
(registered GNU/Linux user #223157)
From: The Natural Philosopher on 11 Sep 2009 13:41
Aragorn wrote:
> On Friday 11 September 2009 16:22, someone identifying as *Neil T.
> Dantam* wrote in /comp.os.linux.setup:/
>
>> I'm using Debian Lenny, Samba 3.2.5, on the server, and Ubuntu Jaunty,
>> Samba 3.3.2, Kernel 2.6.28-15-generic, on the client.
>
> I seem to remember that the issue of Samba/CIFS not respecting
> permissions has been corrected in kernel 2.6.30 from reading the
> Changelog.
>
Has it by golly. Might be time to try it again then.

Again, thanks..
 | 
Pages: 1
Prev: No sound for Acer Aspire M3202 desktop computer on 32-bit kubuntu 8.04
Next: CUPS admin