Ich hätte eine Frage zu Samba und ACLs. Wir haben hier einen Fileserver, auf den per Samba zugegriffen wird, die User kommen aus einem LDAP.
Das Problem bei der Konfiguration ist, dass wenn ein User über Samba eine Datei anlegt die Mask der ACL auf r-- steht, statt auf rw-. Wenn man es über touch macht ist es richtig.
Ich hätte gedacht, dass
Code: Select all
inherit acls = Yes
inherit permissions = YesAnyways. Vielleicht hat mir hier jemand noch einen Hinweis, was ich probieren kann.
System: SuSE 11.4
Samba: 3.6.3
SMB.conf
Code: Select all
[global]
workgroup = PI5
server string = Default file storage
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
map to guest = Bad User
logon path = \\domain\dfs\users\%U\.msprofile
logon home = \\domain\dfs\users\%U
logon drive = P:
usershare allow guests = No
add machine script = /sbin/yast /usr/share/YaST2/data/add_machine.ycp %m$
set primary group script = /usr/sbin/usermod -g "%g" "%u"
# don't need syncronisation with external program since this is done with LDAP!!
unix password sync = no
domain logons = Yes
domain master = No
ldap delete dn = Yes
ldap passwd sync = Yes
passdb backend = ldapsam:ldap://ldap.mydomain.de
security = user
ldap admin dn = cn=Administrator,ou=PI5,dc=mydomain
local master = No
os level = 65
preferred master = No
# singning
server signing = No
client signing = Auto
use spnego = Yes
client use spnego = Yes
# ldap mapping
ldap group suffix = ou=group
ldap suffix = ou=PI5,dc=mydomain.de
ldap user suffix = ou=people
ldap machine suffix = ou=computers
ldap idmap suffix = ou=Idmap
idmap backend = ldap:ldap://ldap.mydomain.de
netbios name = plattenstar
wins support = No
smb ports = 139
# support for extended attributes
ea support = yes
store dos attributes = yes
ldap ssl = Off
[groups]
comment = All groups
path = /raid1/groups
read only = No
inherit acls = Yes
inherit permissions = Yes
csc policy = disable
Code: Select all
# file: asd
# owner: schlagmu
# group: users
user::rw-
group::r-x #effective:r--
group:SuperAtoms:rwx [b]#effective:rw-[/b]
[b]mask::rw-[/b]
other::r--
Code: Select all
# file: windows.txt
# owner: schlagmu
# group: users
user::rwx
group::r-x #effective:r--
group:SuperAtoms:rwx [b]#effective:r--[/b]
[b]mask::r--[/b]
other::r--
Code: Select all
# file: .
# owner: schlagmu
# group: users
user::rwx
group::rwx
group:SuperAtoms:rwx
mask::rwx
other::r-x
default:user::rwx
default:group::r-x
default:group:SuperAtoms:rwx
default:mask::rwx
default:other::r-x