Bug 1318 - hide unreadable = yes is not honoring user entries in ACL lists
Summary: hide unreadable = yes is not honoring user entries in ACL lists
Status: RESOLVED FIXED
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: File Services (show other bugs)
Version: 3.0.6
Hardware: s390 Linux
: P3 normal
Target Milestone: none
Assignee: Gerald (Jerry) Carter (dead mail address)
QA Contact:
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2004-05-03 13:35 UTC by Thomas M Steenholdt
Modified: 2006-04-14 14:49 UTC (History)
3 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas M Steenholdt 2004-05-03 13:35:52 UTC
If a user is permitted access to a directory based on a user entry in an ACL
list, he will not be able to see the directory in the dirlist from the client,
even if given full control, the directory is still kept hidden from him...

I cannot reproduce this behaviour on intel linux.

F.eks. logged in as user test, this dir is hidden:
(The user test is NOT a member of the testgrp group)

# file: dir3
# owner: root
# group: root
user::---
user:test:rwx
group::---
group:users:---
group:testgrp:rwx
mask::rwx
other::---
default:user::---
default:user:test:rwx
default:group::---
default:group:testgrp:rwx
default:mask::rwx
default:other::---
Comment 1 Jim McDonough 2004-05-12 17:28:46 UTC
This is due to a problem in constructing the NT token...the user and group sids
are from the local server instead of the domain.  This is likely due to a
winbind issue.  

Traces from this customer have shown that local smbclient connection works
correctly (and the SIDs are the domain-based SIDs that are expected), while
connection from a Windows client does not work.  It may be realted to bug #1315
Comment 2 Gerald (Jerry) Carter (dead mail address) 2004-05-27 17:25:27 UTC
This is s390 right ?
Comment 3 Kamil Christ 2004-08-26 09:16:49 UTC
I have the same problem on x86 machine (AMD Duron), RedHat 8.0, kernel 2.4.27 
with ACL support on ext3, samba 3.06 with ACL support and local user database.
Comment 4 Gerald (Jerry) Carter (dead mail address) 2004-08-26 09:31:21 UTC
taking this one over.
Comment 5 Gerald (Jerry) Carter (dead mail address) 2004-08-26 09:32:08 UTC
Updating version since it has been reported at least a 
couple of times against 3.0.6
Comment 6 Volker Lendecke 2006-04-11 10:55:52 UTC
The NT token creating code has changed dramatically post-3.0.22 for 3.0.23. If anybody is still interested in this bug, please retest against current 3_0.

Volker
Comment 7 Gerald (Jerry) Carter (dead mail address) 2006-04-14 14:49:47 UTC
closing