Using Samba with ACLs
I have an Ubuntu 7.04/Feisty Fawn box set up as a server running (among other things) Samba. I use user security and I have ACL's up and running correctly on the box.
The issue is that my Samba server only respects the group permissions for the primary group membership on the share. For example, if I have a share Public, which points to /share/public, and there are two group defined as: Public-RW: bob (with rwx) and Public-RO: shelly (with r-x) ...bob will have correct access to the share, but shelly does not. I'm certain it's something in my smb.conf file, but I'm not able to figure out what. My smb.conf reads like: [global] panic action = /usr/share/samba/panic-action %d workgroup = eagle netbios name = eagle invalid users = root security = user #username map = /etc/samba/smbusers guest account = nobody wins support = no log file = /var/log/samba.log log level = 3 max log size = 1000 syslog = 1 encrypt passwords = true passdb backend = smbpasswd socket options = TCP_NODELAY dns proxy = no passwd program = /usr/bin/passwd %u passwd chat =*Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n . obey pam restrictions = yes pam password change = no null passwords = no # ACL Setup inherit permissions = yes inherit acls = yes map acl inherit = yes #Share Definitions # [Private] comment = Private Shares browseable = yes security mask = 0770 writable = yes path = /home create mask = 0770 [Public] comment = Public Shares browseable = yes security mask = 0700 writable = yes path = /share create mask = 0764 |
You're shure the ACL Setup belong into the GLOBAL Section of the conf?
I have a Samba 3.0.24 running in an NT 4 domain as a member server with Windows-ACL's working as expected on the XP-Clients. But i have put the corresponding [share] section of the smbd.conf Code:
[global] (Oh and i use winbind to map the NT users to valid Linux userid's, but should be of no concern) |
All times are GMT -5. The time now is 12:34 AM. |