Anyone know how to add ACL support to SAMBA?
lists.john at gmail.com
Fri Feb 29 16:23:45 GMT 2008
I'll experiment with this. I appreciate your advice.
On Thu, Feb 28, 2008 at 2:00 AM, Gavin McCullagh <gmccullagh at gmail.com> wrote:
> On Wed, 27 Feb 2008, john wrote:
> > I use samba to allow windows clients to access shares on our linux
> > file server. I'd like to enable support for ACLS so that I can use
> > windows permissions under linux.
> > Does anyone know how I can accomplish this. Do I need to recompile
> > SAMBA to support acls or is it a simple addition to smb.conf?
> I'm afraid it's not that simple at all at least as I understand it. There
> are two issues, one is ACLs (the ability to create lots of different
> permissions for lots of different users/groups), the other is windows
> permissions themselves.
> If you need ACLs on linux you can install the acl package², turn them on at
> the filesystem mounting and use them. Some details are here:
> If you look at "man smb.conf" you can search for ACL and see the various
> Permissions must be represented in the filesystem and unix filesystems have
> support for read, write, execute and the setuid/sticky bits. What samba
> does is a lossy translation of unix<->windows permissions as best it can.
> Windows permissions are substantially more granular than unix ones.¹ For
> example, there is no such thing as delete permission in unix, so (as far as
> I recall) a user given delete permissions on windows is given write
> permission on the underlying unix filesystem. You can try this out by
> setting a permission in windows, then close the window and go back in to
> see what permission really got stored.
> ¹ Some may argue that the extra granularity isn't particularly useful but
> that's a different and somewhat subjective question.
> gavinmc at ceartgoleor:~$ apt-cache show acl
> Package: acl
> Priority: optional
> Section: universe/utils
> Installed-Size: 220
> Maintainer: Ubuntu Core Developers <ubuntu-devel at lists.ubuntu.com>
> Original-Maintainer: Nathan Scott <nathans at debian.org>
> Architecture: i386
> Version: 2.2.42-1ubuntu1
> Depends: libacl1 (>= 2.2.11-1), libattr1 (>= 2.4.4-1), libc6 (>=
> Filename: pool/universe/a/acl/acl_2.2.42-1ubuntu1_i386.deb
> Size: 44562
> MD5sum: 6c2656880e828969b17123da433cfc04
> SHA1: 603371f286fce083a6a996897676371e3b5188f4
> SHA256: 72cf56fa97ab661c8254b6d69bbd8cc0ff0a80bf1cf05e7c412fa950228984b2
> Description: Access control list utilities
> This package contains the getfacl and setfacl utilities needed for
> manipulating access control lists.
> Bugs: mailto:ubuntu-users at lists.ubuntu.com
> Origin: Ubuntu
> gavinmc at ceartgoleor:~$ getfacl .xsession-errors
> # file: .xsession-errors
> # owner: gavinmc
> # group: gavinmc
> edubuntu-users mailing list
> edubuntu-users at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
More information about the edubuntu-users