Hi,
On Sat, 04 Dec 2010, Paul Murray wrote:
> Yet, as I found out today, if you sftp a file into a samba share as
> root, the samba user can only access it readonly! Seems to support
> Lisa's assertion that filesystem permissions will overide samba's
> acls.
As I understand it:
Samba usually translates between CIFS and unix ACLs. So, if you set
permissions on the filesystem, it's not that they over-ride the samba ACLs,
it's that they are the ACLs. If you set read access on a windows
workstation, samba will set that ACL on the filesystem. The trouble is
that the three bits (rwx) on a unix filesystem aren't sufficient to store
the full details of Windows ACLs. For example, you can't really store the
delete ACL, on a samba+unix filesystem (though in principal if you used an
NTFS filesystem on linux, you should be able to).
http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/AccessControls.html#id2614541
This all assumes you have ACL support enabled on your filesystem. If you
don't, you can only have one user and group ACL.
Gavin
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
