Files are not listed by smbd with vfs objects = acl_xattr and missing "read attributes" or "read extended attributes" permission bits when "hide unreadable" is enabled. (With NFS4 ACL filesystems this is working okay, there was however a similar bug, which was fixed with #15093 and #15507)
Hmm..... is this by design? See cc05f73872c36cd307da3d6fed200beb16d5c2a8 and #10252.
Windows 10 natively allows taking away "read attributes" permission without denying read access to the file. Taking away "read extendded attributes" permission takes away read permission. So we need to fix at least the "read attributes" case here.
(In reply to Björn Jacke from comment #2) Interesting! Have you run smb2.acls.ACCESSBASED against Windows 10?
no, I tested with with a local NTFS filesystem
Windows 10 with Access-Based Enumeration (ABE) enabled behaves the same as Samba currently does with hide unreadable enabled: If "read attributes" is denied, then the file content IS still readable but nevertheless the file is hidden. https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/29dfcc9b-3aec-406b-abb5-0b4fe96712e2 Describes this case. It is not really logical (and looks wrong to me) that a readable file is being not listed with "hide unreadable" or ABE enabled, but this is how it is currently.