[Pkg-samba-maint] Bug#410048: samba: Still no progress?

Fedor Piecka teplavoda at gmail.com
Mon Nov 24 09:28:44 UTC 2008 

Package: samba
Followup-For: Bug #410048


On actual stable version of Samba (3.0.24-6etch10), the problem is still present.

This is a mail I've sent to samba mailing list. It exposes the problem:

I have created a directory with these ACLs:

> getfacl .

# file: .
# owner: testuser
# group: tls
user::rwx
group::rwx
group:ptls:r-x
mask::rwx
other::---
default:user::rwx
default:group::rwx
default:group:tls:rwx
default:group:ptls:r-x
default:mask::rwx
default:other::---

When I create a file in it, it inherits the containing directory's default ACLs and it's ACL mask is set to rw- (for directory it would be rwx), which essentialy marks it not executable.

> touch test

# getfacl test
# file: test
# owner: root
# group: root
user::rw-
group::rwx            #effective:rw-
group:tls:rwx            #effective:rw-
group:ptls:r-x            #effective:r--
mask::rw-
other::---

The problem arises when I create another file from a Windows machine on the network drive which points to the same directory. The mask stays rwx as for directory and file is executable what is bad in my opinion - why files created in Windows should be executable?

> getfacl test.txt          ### Empty text file created in Windows

# file: test.txt
# owner: hrubsa
# group: hrubsa
user::rwx
group::rwx
group:tls:rwx
group:ptls:r-x
mask::rwx
other::---

Relevant part of smb.conf:
    read only = No
    create mask = 0666
    security mask = 0666
    inherit acls = Yes
    map acl inherit = Yes
    map archive = No
    map readonly = no
    store dos attributes = Yes
    wide links = No

After setting inherit acls = No, the create/security mask were applied to standard unix permissions, but not on ACL entries.

> getfacl test2.txt

# file: test2.txt
# owner: hrubsa
# group: hrubsa
user::rw-
group::rw-
group:tls:rwx
group:ptls:r-x
mask::rwx
other::rw- 


-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-6-amd64
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

More information about the Pkg-samba-maint mailing list