Permissions behavior with acl and solaris
Hi,
On a samba share I have:
[home5]
path = /home5
read only = No
create mask = 0600
Under win2k, if a user create a file in this share, it has well the unix permissions
0600
and the correct correspondence under win2k (no permission for the group and everyone).
All
is well.
So now, if the user modifies the file with gvim.exe for example. I note that the
permission
are deeply modified. I can see now that the user "root" (???) is present twice: once
with
no permission and once with read and write permissions !
The acls Unix are thus modified:
BEFORE:
lct5{root}[/home5]: getfacl n600.txt
# file: n600.txt
# owner: guy
# group: lct
user::rw-
group::--- #effective:---
mask:---
other:---
AFTER:
lct5{root}[/home5]: getfacl n600.txt
# file: n600.txt
# owner: guy
# group: lct
user::rw-
user:root:rw- #effective:rw-
group::--- #effective:---
group:root:--- #effective:---
mask:rwx
other:---
How to avoid this behavior ?
In a general way i don't understand well the equivalence of the permissions managed
by samba between Win2k and Unix (with or without support acl). Where can i found
information above it ?
Note : i use samba2.2.5 with solaris 2.8. Compilation with gcc 2.95 and enabled
acls...
Thank you -- Guy Roussin
NT permissions
[Sorry, i post this message on samba list last week but without success] Hello, I try to use NT permissions on 2 Sun Solaris with ACL and samba 2.2.5. I configure samba --with-acl. I can modify permissions on the PDC (security = USER). But on the other one (XYZ) (security = SERVER and password server = PDC) i get an error message when i click on the ADD button (property of a file/Security) "The selector of object cannot be open because it cannot determine if XYZ belong to a domain" (sorry, bad translation from win2k-french message) Thanks for any hints. Guy Roussin --French version Bonjour, Je souhaite utiliser le support des droits windows NT sur des partages windows hébergés sur 2 stations Solaris 8 en utilisant les ACL et samba 2.2.5. Je configure samba avec l'option --with-acl avant compilation, installation, ... J'arrive à faire marcher cette fonctionnalité sans probleme si la station Solaris qui abrite les partages dont je veux gérer les droits est PDC (security = USER dans smb.conf). Par contre sur la station non-PDC (security = SERVER) qui utilise la station PDC (password server = PDC) pour l'authentification, j'ai un message d'erreur lorsque j'essaye d'ajouter des droits windows sur les partage de cette station non PDC: "Le Sélecteur d'objet ne peut pas être ouvert car il ne peut déterminer si 'non-PDC' appartient à un domaine". Visiblement un problème d'authentification de cette machine sur le domaine ? J'ai essayé d'authentifier cette station avec une méthode comparable à ce qui se fait pour des WinNT/2K mais sans succès (useradd ... non-PDC$ pui smbpasswd -a -m non-PDC ). Rien n'y fait. Quelqu'un peut-il me donner une piste ? Merci beaucoup. -- Guy Roussin
Re: Samba 2.2.3a --with-nisplussam
Hi Jerry, Very interesting. Who maintain NIS+ features outside the Samba Team ? Thanks Guy Roussin Gerald Carter wrote: > > On Tue, 30 Apr 2002 [EMAIL PROTECTED] wrote: > > > Hi all, > > > > I'm trying to set up Samba Server that uses NIS+ for user and group > > information. It's a Solaris 7 intel box. I configured it with the > > following switches: > > ./configure --prefix=/usr/local --sysconfdir=/etc/samba > > --localstatedir=/var/samba --with-privatedir=/etc/samba > > --with-lockdir=/var/samba/locks --with-swatdir=/usr/local/share/samba/swat > > --with-configdir=/etc/samba > > --with-codepagedir=/usr/local/share/samba/codepages > > --with-logfilebase=/var/samba/log --with-nisplussam --with-acl-support > > --without-winbind --with-quotas > > > > It compiled fine after I corrected passdb/pdb_nisplus.c:346: macro > > `pstrcpy' used with too many (3) args (just deleted the "false"). > > This should all be fixed in 2.2.4. Please retest. Thanks. > > > That's it for now. Is anyone out there using the NIS+ Features in Samba? > > Very few. and it is maintained by people outside the Samba Team. > > cheers, jerry > - > Hewlett-Packard http://www.hp.com > SAMBA Team http://www.samba.org > --http://www.plainjoe.org > "Sam's Teach Yourself Samba in 24 Hours" 2ed. ISBN 0-672-32269-2 > --"I never saved anything for the swim back." Ethan Hawk in Gattaca--
