The Samba-Bugzilla – Bug 10647
inherit acls = yes can ignore the set group id bit
Last modified: 2016-08-25 16:12:10 UTC
This problem shows up on both Linux and Solaris.
We have a setup where we want a group of users to be able to work in a common share. To do that I set up a group and made the users members of that group. I made the parent directory have that group as it's group and added an ACL to make sure that everyone in the group could create files there and modify any files there. I set the set group id bit so that any new files would get this group as it's group. I set the share to have inherit acls = yes so that the acl would be inherited and used. But with inherit acls = yes, the set group id bit is not honored.
For instance, for a directory with an ACL of:
# file: ../acltest
# owner: hwdesign
# group: hwdesign
And permissions set as:
drwxrwsr-x+ 6 hwdesign hwdesign 4096 2014-06-02 10:36 ../acltest/
A new folder (directory) is created with the following ACL
# file: test
# owner: schulz
# group: users
And the following permissions:
drwxrwsr-x+ 2 schulz users 4096 2014-06-02 10:35 test
Note that the expected and desired group should be hwdesign.
Also, if the directory is accessed as a NFS mount by the Samba server then the set group id bit is lost (not shown above).
We have the same problem here on Samba 4.1.11.
Problem also on Samba 4.2.3.
The problem still exists on Samba 4.4.0rc3.