When attempting to set "R" permission with "setcifsacl", "RX" (equivalent to "READ") is set instead: ------------------------------ mcrw1:/TCS # getcifsacl testfile REVISION:0x1 CONTROL:0x8004 OWNER:VPTC3\cifsuser GROUP:VPTC3\Domain Users ACL:VPTC3\Domain Admins:ALLOWED/0x0/RWDPO ACL:VPTC3\cifsuser:ALLOWED/0x0/RWDPO mcrw1:/TCS # mcrw1:/TCS # setcifsacl -a "ACL:VPTC3\mveil:ALLOWED/0x0/R" testfile mcrw1:/TCS # mcrw1:/TCS # getcifsacl testfile REVISION:0x1 CONTROL:0x8004 OWNER:VPTC3\cifsuser GROUP:VPTC3\Domain Users ACL:VPTC3\Domain Admins:ALLOWED/0x0/RWDPO ACL:VPTC3\cifsuser:ALLOWED/0x0/RWDPO ACL:VPTC3\mveil:ALLOWED/0x0/READ # --> not ok, should be "R" mcrw1:/TCS # mcrw1:/TCS # rm testfile ; touch testfile mcrw1:/TCS # mcrw1:/TCS # setcifsacl -a "ACL:VPTC3\mveil:ALLOWED/0x0/RX" testfile mcrw1:/TCS # mcrw1:/TCS # getcifsacl testfile REVISION:0x1 CONTROL:0x8004 OWNER:VPTC3\cifsuser GROUP:VPTC3\Domain Users ACL:VPTC3\Domain Admins:ALLOWED/0x0/RWDPO ACL:VPTC3\cifsuser:ALLOWED/0x0/RWDPO ACL:VPTC3\mveil:ALLOWED/0x0/READ # --> ok mcrw1:/TCS # ------------------------------
can someone of the cifs vfs developers please have a look? Generlly much of the cifsacl stuff is really nice bug with the outstanding bugs, some of those that Micah reported, cifs vfs with NT ACLs is just not usable and people who *need* to use full NT ACLs with a POSIX client have no other option than using a different OS with native NFS4 ACLs support like FreeBSD currently.