--- [EMAIL PROTECTED] wrote: > In samba now, you can > have read list or write list and say this user > and/or group has write > and/or this user and/or group has read only. This > is a scaled down > version of an acl. What if they created a folder > called acl's and had one > file called no access, one file called read, write, > change, and full. An > entry inside these files could look similar to: > /data = @domain admin, john, steve > /data/accounting = @domain admin, @accounting, bob > > if these entries were in the change file then samba > would restrict him > accordingly. I have been trying to get acl's to > work and it has been > difficult to work. I have been thinking that maybe > samba could do this > for us without having to count on other pieces of > software.
Hi David, I'm just a system engineer/admin, not a programmer either, but from what I've seen, Samba uses User Group Other permissions, which map to normal UGO Unix permissions stored in the file on the filesystem. These basic permissions are sufficient for many uses, as you can put many users in a group to access a directory or file. Unix basically uses this everywhere, as it's quite flexible. When you're using the acl patches for EXT2/3 (from acl.bestbits.at) or you use a filesystem with native ACL support like XFS, and you compile Samba --with-acl-support, you get full NT ACL support, where you'll see several groups accessing a file with different permissions. We're using this on several servers. You must remember to remount your filesystems with the acl option, and put it in your fstab. Either way, Samba relies on the file system to store these settings. This is exactly the same as in the NT world. You might have a FAT partition share where the only permissions are share-level permissions (similar to read/write lists in smb.conf). If you have an NTFS share, file permissions are stored on the file system and combine with share-level permissions. For more instructions on adding POSIX ACL support, search marc.theaimsgroup.com for similar instructions I'd given about this to other Samba users. I learned most of what I know now from "Teach Yourself Samba in 24 Hours," a Sam's book, but I just found out there's a new O'Reilly "Using Samba" out this month which should contain more current and perhaps more thorough information. Also, check out acl.bestbits.at. Good luck, /dev/idal __________________________________________________ Do you Yahoo!? Yahoo! Shopping - Send Flowers for Valentine's Day http://shopping.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba