Bug 12759 - smbd: files and directories created by admin users are owned by root if inherit acls is disabled
smbd: files and directories created by admin users are owned by root if inher...
Status: ASSIGNED
Product: Samba 4.1 and newer
Classification: Unclassified
Component: File services
4.6.3
All All
: P5 normal
: ---
Assigned To: Uri Simchoni
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-04-27 19:10 UTC by Uri Simchoni
Modified: 2017-04-28 11:48 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Uri Simchoni 2017-04-27 19:10:29 UTC
A user can be defined as an admin user on the share (listed in "admin users" or member of a group listed there). When serving an admin user, smbd runs as root.

That means when files / directories are created, the kernel creates them as owned by root, and that has to be fixed to prevent confusion.

If "inherit acls" is enabled (happens automatically when acl_xattr module is loaded), the Windows ACL inheritance mechanism causes new files and directories to have the correct POSIX owner, and that takes care of things also for the "root" case.

However, if "inherit acls" is disabled, there's no existing mechanism to fix the ownership, and the owner ends up being root.