LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Fedora
User Name
Password
Fedora This forum is for the discussion of the Fedora Project.

Notices

Reply
 
Search this Thread
Old 06-17-2005, 02:34 AM   #1
jabran
LQ Newbie
 
Registered: Jun 2005
Distribution: Ubuntu 6.06
Posts: 20

Rep: Reputation: 0
Angry Fedora Core 3, Windows ACLs, POSIX ??


Hello all,

I am able to do login authentication from Active directory (W2k server) on Fedora Core3 using Samba 3.0.14a.

Now I want set linux share permissions using Windows ACLs. In samba documentation its mentioned that it requires POSIX support and its not included in most of the distributions by default. My question is:

- How to know if POSIX ACL support is available? Through which commands or configuration checking?

- Is Fedora Core3 POSIX support by default? If no, then how to patch it?

Apparent from the samba documentation it seems that if POSIX support is enabled then setting share permissions is no more that simply using the Computer Management Console. I am wondering if it will be so simple after POSIX (and It will be quite relief if it is so! )

Thanks everyone for any suggestions.

Regards,
Jabran
 
Old 06-17-2005, 11:53 AM   #2
hampeh
LQ Newbie
 
Registered: Mar 2005
Distribution: fedora, slackware
Posts: 16

Rep: Reputation: 0
Posix ACL is enable in fc3. you can try the command with getfacl directory/filename

I have been having this problem for the past 2 -3 weeks to set permission for samba user, try to search for more info about it.... i have finally rule out that eventhough with POSIX ACL you cant do exactly like Win ACL. this is due to the rwx permission in unix.

for example if you allow the user to edit/write and disable delete.. this option is only available in windows. As for samba, this particular permission could not be use because of the unix rwx permission, but if you just want to use as basic configuration that it is not a problem.

you can use your computer management console to connect to the samba server, but the permission is limited, and dont expect it to work exactly like windows.

hope this helps.
 
Old 06-20-2005, 02:33 AM   #3
jabran
LQ Newbie
 
Registered: Jun 2005
Distribution: Ubuntu 6.06
Posts: 20

Original Poster
Rep: Reputation: 0
Quote:
Originally posted by hampeh
Posix ACL is enable in fc3. you can try the command with getfacl directory/filename

I have been having this problem for the past 2 -3 weeks to set permission for samba user, try to search for more info about it.... i have finally rule out that eventhough with POSIX ACL you cant do exactly like Win ACL. this is due to the rwx permission in unix.

for example if you allow the user to edit/write and disable delete.. this option is only available in windows. As for samba, this particular permission could not be use because of the unix rwx permission, but if you just want to use as basic configuration that it is not a problem.

you can use your computer management console to connect to the samba server, but the permission is limited, and dont expect it to work exactly like windows.

hope this helps.
Thanks for your reply. Can you please provide some more information about the steps to access windows shares from Linux for setting ACLs, and any other related configuration to enale Samba using ACls?

I have all directories mounted under same partition, with ACL not enabled on the partition. I found this article http://www.vanemery.com/Linux/ACL/linux-acl.html to enable ACL on partitions. I didn't enabled ACL on the existing FC3 partition to avoid risk of blocked booting. Instead, I installed a new CentOS Linux distribution with "/home" on a separate partition, and remounted the partition wit ACL support according to steps in the above mentioned article.

After these steps, I am able to set ACLs on linux using setfacl commands, but still, Windows is not able to set any share permissions. When I try to set permissions from windows, access is denied while saving the permissions.

I will appreciate a lot if you can share the procedure that you followed for conifguration of Windws based ACLs .

Thanks.
 
Old 06-20-2005, 03:31 AM   #4
jabran
LQ Newbie
 
Registered: Jun 2005
Distribution: Ubuntu 6.06
Posts: 20

Original Poster
Rep: Reputation: 0
And somehting additional notes .....

Also, its not possible to create a new share on Linux using Computer Management Console from Windows. I also observed that despite I have also set "root = administrator" in smbusers file on linux, if I login as domain administrator on Linux box, I donot have all root rights. Do I need to do something more to enable domain Administrator user to gain equual rights of the root user?

Thanks for any help.
 
Old 06-23-2005, 06:41 AM   #5
hampeh
LQ Newbie
 
Registered: Mar 2005
Distribution: fedora, slackware
Posts: 16

Rep: Reputation: 0
to enable ACL you should edit /etc/fstab.

for example if you like to share your /home partition.

the config should like this:

LABEL=/home /home ext3 defaults 1 2

replace to

LABEL=/home /home ext3 rw,acl 1 2

then reboot your system (i reboot the system), or you can mount it with mount -v -o partition.

#Make sure, that your samba is running and you are able to log in into it. if not set your smbpasswd -a username.

When login click your under system maintenance i think, cant really remember it. connect the computer management to your samba server, then you may edit the ACL from windows.

Hope this helps.
 
Old 06-23-2005, 06:55 AM   #6
jabran
LQ Newbie
 
Registered: Jun 2005
Distribution: Ubuntu 6.06
Posts: 20

Original Poster
Rep: Reputation: 0
Thanks for your response. I already made the change in fstab file and rebooted the system. After that I was able to set ACLs on Linux using setfacl commands, but not from windows.

Samba is running, and configured for active directory authentication, as I am able to login using active directory account on the linux box.

But as I mentioned in my last post, as I think, the windows' administrator user should have root rights on linux, but when I log in using windows administrator's account on Linux, it does not has root rights. And perhaps for the same reason it does not allow form the windows Computer Management Console to change ACL?

What could be going wrong?

Thanks for any further information.
 
Old 06-24-2005, 10:01 PM   #7
hampeh
LQ Newbie
 
Registered: Mar 2005
Distribution: fedora, slackware
Posts: 16

Rep: Reputation: 0
You can use samba administration user, as for me i add another user using the login Admin. To login make sure that you are connected to the domain to make the changes. You can't edit it if your windows client is not logged in the domain.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ACLs through NFS in Fedora Core 3 grimpy Linux - Networking 1 11-10-2005 12:41 AM
Windows XP Fedora Core 2 blufire Fedora 4 01-02-2005 12:57 PM
Fedora Core 3 and Windows XP Partitions harley51 Fedora 6 11-29-2004 07:01 PM
Fedora Core 2 and Windows partitions shankariyer Fedora 3 08-30-2004 11:52 PM
Can't X windows in Fedora Core 2 elg_rein Linux - Hardware 2 06-02-2004 02:53 PM


All times are GMT -5. The time now is 09:00 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration