Permissions behavior with acl and solaris
Hi, On a samba share I have: [home5] path = /home5 read only = No create mask = 0600 Under win2k, if a user create a file in this share, it has well the unix permissions 0600 and the correct correspondence under win2k (no permission for the group and everyone). All is well. So now, if the user modifies the file with gvim.exe for example. I note that the permission are deeply modified. I can see now that the user "root" (???) is present twice: once with no permission and once with read and write permissions ! The acls Unix are thus modified: BEFORE: lct5{root}[/home5]: getfacl n600.txt # file: n600.txt # owner: guy # group: lct user::rw- group::--- #effective:--- mask:--- other:--- AFTER: lct5{root}[/home5]: getfacl n600.txt # file: n600.txt # owner: guy # group: lct user::rw- user:root:rw- #effective:rw- group::--- #effective:--- group:root:--- #effective:--- mask:rwx other:--- How to avoid this behavior ? In a general way i don't understand well the equivalence of the permissions managed by samba between Win2k and Unix (with or without support acl). Where can i found information above it ? Note : i use samba2.2.5 with solaris 2.8. Compilation with gcc 2.95 and enabled acls... Thank you -- Guy Roussin
NT permissions
[Sorry, i post this message on samba list last week but without success] Hello, I try to use NT permissions on 2 Sun Solaris with ACL and samba 2.2.5. I configure samba --with-acl. I can modify permissions on the PDC (security = USER). But on the other one (XYZ) (security = SERVER and password server = PDC) i get an error message when i click on the ADD button (property of a file/Security) "The selector of object cannot be open because it cannot determine if XYZ belong to a domain" (sorry, bad translation from win2k-french message) Thanks for any hints. Guy Roussin --French version Bonjour, Je souhaite utiliser le support des droits windows NT sur des partages windows hébergés sur 2 stations Solaris 8 en utilisant les ACL et samba 2.2.5. Je configure samba avec l'option --with-acl avant compilation, installation, ... J'arrive à faire marcher cette fonctionnalité sans probleme si la station Solaris qui abrite les partages dont je veux gérer les droits est PDC (security = USER dans smb.conf). Par contre sur la station non-PDC (security = SERVER) qui utilise la station PDC (password server = PDC) pour l'authentification, j'ai un message d'erreur lorsque j'essaye d'ajouter des droits windows sur les partage de cette station non PDC: "Le Sélecteur d'objet ne peut pas être ouvert car il ne peut déterminer si 'non-PDC' appartient à un domaine". Visiblement un problème d'authentification de cette machine sur le domaine ? J'ai essayé d'authentifier cette station avec une méthode comparable à ce qui se fait pour des WinNT/2K mais sans succès (useradd ... non-PDC$ pui smbpasswd -a -m non-PDC ). Rien n'y fait. Quelqu'un peut-il me donner une piste ? Merci beaucoup. -- Guy Roussin
Re: Samba 2.2.3a --with-nisplussam
Hi Jerry, Very interesting. Who maintain NIS+ features outside the Samba Team ? Thanks Guy Roussin Gerald Carter wrote: > > On Tue, 30 Apr 2002 [EMAIL PROTECTED] wrote: > > > Hi all, > > > > I'm trying to set up Samba Server that uses NIS+ for user and group > > information. It's a Solaris 7 intel box. I configured it with the > > following switches: > > ./configure --prefix=/usr/local --sysconfdir=/etc/samba > > --localstatedir=/var/samba --with-privatedir=/etc/samba > > --with-lockdir=/var/samba/locks --with-swatdir=/usr/local/share/samba/swat > > --with-configdir=/etc/samba > > --with-codepagedir=/usr/local/share/samba/codepages > > --with-logfilebase=/var/samba/log --with-nisplussam --with-acl-support > > --without-winbind --with-quotas > > > > It compiled fine after I corrected passdb/pdb_nisplus.c:346: macro > > `pstrcpy' used with too many (3) args (just deleted the "false"). > > This should all be fixed in 2.2.4. Please retest. Thanks. > > > That's it for now. Is anyone out there using the NIS+ Features in Samba? > > Very few. and it is maintained by people outside the Samba Team. > > cheers, jerry > - > Hewlett-Packard http://www.hp.com > SAMBA Team http://www.samba.org > --http://www.plainjoe.org > "Sam's Teach Yourself Samba in 24 Hours" 2ed. ISBN 0-672-32269-2 > --"I never saved anything for the swim back." Ethan Hawk in Gattaca--