On Friday 18 September 2009 02:06:41 pm Miguel Medalha wrote: > Please pardon me if I insist, but I am doing it with the interest of the > community in mind, not just bitching about it. > > > > I really don't see why this could not be implemented. Perhaps it goes > somewhat against established thinking but it really seems possible to me. > > NOTE: Perhaps we wouldn't even need a VFS module, only a smb.conf > parameter to switch the behavior of the samba daemon? Please note: all > disk operations would be done in the name of that special user, using > full permissions. Ownership and rights would then be "filtered" by the > adequate layer to be seen by clients in the appropriate way. > > Best regards > Miguel
Miguel (and others..) I've been dinking around with implementing this in my "spare time", using the existing 3.3 VFS ACL_xattr module as a guide. I *think* the number of modifications to get it to work that way are pretty minor, actually. Of course, I could be completely wrong because my C is very rusty and I'm not all that familiar with the Samba source code. Jeremy's idea is pretty straightforward; if you just discard any filesystem- level ACL operations, the existing xattr code should still work. Then, you can do some share definitions to force user & group ownership of everything, and hopefully walk away. If somebody who's better at it wants to work on the problem, that would be awesome, because I have little confidence in my own. But I'll keep at it and see what happens. Wes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba