Re: [Samba] Skip ACL checks
- Date: Fri, 17 Mar 2017 13:54:53 +0100
- From: Volker Lendecke via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] Skip ACL checks
On Thu, Mar 16, 2017 at 05:38:57PM +0100, Christoph Kleineweber wrote:
> I am wondering if there is a way to bypass Samba's ACL checks and delegate
> access control completely to the underlying file system.
> My problem arises from the following scenario: Our file system implements
> ACLs that are to the best of my knowledge currently not readable by any of
> the existing VFS modules. When trying to access a file with an ACL going
> beyond the file's POSIX mode, access is denied by Samba. I guess this is
> caused by an mechanism to derive an NT ACL from the mode. Is there any
> possibility to skip Samba's permission checks?
Not really anymore. What you could do is provide a vfs module that
returns a "Everyone is allowed everything" ACL in the get_nt_acl call.
It would of course be much better to get a proper mapping. What do
your ACLs look like?
With best regards,
To unsubscribe from this list go to the following URL and read the