On Tue, 2012-05-08 at 19:05 +0200, steve wrote: > On 08/05/12 14:11, Andrew Bartlett wrote: > > On Tue, 2012-05-08 at 11:39 +0200, steve wrote: > >> On 05/08/2012 10:19 AM, Andrew Bartlett wrote: > >>> On Tue, 2012-05-08 at 08:45 +0200, steve wrote: > >>>> On 05/08/2012 06:24 AM, Andrew Bartlett wrote: > >>>>> On Fri, 2012-05-04 at 12:27 +0200, steve wrote: > >>>>> > > > This will only happen if you do not have the acl headers available at > > configure time. Install libacl-devel (or equivalent) and rebuild. > > > > I added exactly this check to ensure that you quickly find and fix this > > issue, rather than wasting time wondering 'why does this not work'. > > > Hi > Thanks. libacl1-dev got us there: Ubuntu LTS > > It's much more predictable than ntvfs but: > > A share set up 0750 root:staff can be entered by anyone, staff group > member or not. A file 0660 root staff is not accessible by a staff > member. Ahhgghh!! > > The same share via nfs to Linux works as expected. > > Maybe this is still too early to test?
My understanding is that we honour any ACL set by the NTVFS server first, but that of course the NTVFS server didn't set posix ACLs to match. If you change it via the Windows GUI, it should change both now. As to a share 0660 - indeed, no user/group should be able to enter that directory, as no user/group (except the owner, by override rights) has the right to enter it. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba