On Fri, 2009-01-30 at 14:43 -0800, Jeremy Allison wrote: > On Fri, Jan 30, 2009 at 10:32:55PM +0000, Miguel Medalha wrote: > > > >> Volker's changes are correct, in that delete access in POSIX does not > >> belong to a file itself, but to the containing directory. So really > >> we should remove the DELETE_ACCESS bit from both the file and the > >> directory ACL returned. > > > > Without having the deep knowledge you have about this, it seems to me > > that this statement is indeed correct but... > >> This unfortunately breaks the fiction of a rwx permission mapping directly > >> into Windows FULL_CONTROL. > > > > I can live with that as long as can can set full permissions for users. > > The ideal would be: > > > > 'map acl full control = yes' -> do what it describes > > > > 'map acl full control = no' -> enable us to set the "Delete" permission > > (and others) separately. > > > > The problem with 3.3.0 is that I cannot set the delete permission and as > > such users with rwx at the filesystem level cannot delete the files. > > Ok, I'm preparing a patch for this. Effectively, we should > remove the "map acl full control" parameter as it now longer > has any use except to break things. I'll mark it deprecated > with the patch.
Jeremy, would it make sense to set the delete bit (or even full control) depending on whether the user has write control over the parent directory ? Maybe make this behavior could be triggerd by "map acl full control". Simo. -- Simo Sorce Samba Team GPL Compliance Officer <s...@samba.org> Principal Software Engineer at Red Hat, Inc. <s...@redhat.com> -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba