Web lists-archives.com

Re: [Samba] Samba 4.5: trying to setup an omnios system as a DC member




On Wed, 20 Jun 2018 09:15:19 +0200
Andrea Cucciarrè <acucciarre@xxxxxxxxxxxx> wrote:

> Hello Rowland,
> 
> thanks, configuring the uidNumber and gidNumber on the AD fixed the 
> issue, now getent passwd works.
> I just have one remaining issue, it seems the ACL doesn't work.
> As an example when I set ACL with full permission for user andrea:
> 
> # /usr/bin/ls -ldV /cache/testsamba/
> d---------+  3 root     root           5 Jun 19
> 19:40 /cache/testsamba/ user:andrea:rwxpdDaARWcCos:fd-----:allow

Omnios seems to have a different 'ls' to Linux, which doesn't have the
'V' switch. What is the filesystem ? ext4 ? and does it understand
'acls' & 'attrs' as in 'acl_xattr' ?

If you look closely at the directory permissions, you will see a '+'
sign, on Linux this would mean an extended acl is in use, so what does
'getfacl /cache/testsamba' show ?

> 
> the user andrea can't mount the share.
> I have added the following entry in smb.conf for ACL:
> 
>      vfs objects = acl_xattr
>      map acl inherit = Yes
>      store dos attributes = Yes
> 
> and the directory is shared as follow:
> 
> [testsamba]
> available = yes
> browsable = yes
> path = /cache/testsamba
> read only = no
> 
> am I missing something?
> 

Well, only that the first two lines are default settings ;-)
Also that this setup is for using Windows ACLs, reading this might help:

https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs

Or this if you want to use POSIX ACLs:

https://wiki.samba.org/index.php/Setting_up_a_Share_Using_POSIX_ACLs

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba