Bug 1865 - Directory permissions not showing up in NT acl editors
Directory permissions not showing up in NT acl editors
Status: RESOLVED DUPLICATE of bug 1220
Product: Samba 3.0
Classification: Unclassified
Component: File Services
All Linux
: P3 major
: none
Assigned To: Samba Bugzilla Account
Samba QA Contact
Depends on:
  Show dependency treegraph
Reported: 2004-10-01 13:31 UTC by Sean OMeara
Modified: 2004-11-24 18:16 UTC (History)
2 users (show)

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Sean OMeara 2004-10-01 13:31:47 UTC
Sorry if this has been submitted before, but I couldnt find it in bugzilla

Normal Unix permissions on directories dont seem to be showing up in NT acl
editors. (xp, win2k) Setting the checkboxes, and clicking okay or apply, acually
changes the permissions on the filesystem, but they cannot be seen from in the

When I turn on the extended ACLs, anything that has to be set with setfacl shows
up fine. Also, regular file permissions great as well.

Ive confirmed this behaviour with a few others.

compile flags and smb.conf:




#log level = 10
workgroup = domainname
server string = serv-0

log file = /var/log/samba/log.%m

ldap passwd sync = yes
passdb backend = ldapsam:ldap://
ldap admin dn = cn=manager,dc=internal,dc=domain,dc=com
ldap suffix = dc=internal,dc=domain,dc=com
ldap user suffix = ou=People
ldap group suffix = ou=Groups
ldap machine suffix = ou=Computers

nt acl support = yes
create mask = 600
directory mask = 0700
force directory mode = 0700

obey pam restrictions = yes
#ldap ssl = start_tls

socket options = TCP_NODELAY

os level = 100
wins support = yes
domain logons= yes
local master = yes
domain master = yes
preferred master = yes
logon script = logon.bat
#logon path = "\\serv-0\%U\profile"
logon path =

add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
add user script = /usr/local/sbin/smbldap-useradd -m "%u"
ldap delete dn = Yes
delete user script = /usr/local/sbin/smbldap-userdel "%u"
add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/local/sbin/smbldap-groupdel "%g"
add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u"

#============================ Share Definitions ==============================
	comment = Home Directories
	browseable = no
	writable = yes
	comment = Network Logon Service
	path = /usr/local/samba/lib/netlogon
	browsable = no
	guest ok = no
	writable = no
	share modes = no
	path = /usr/local/samba/profiles
	browseable = no
	writable = yes
	guest ok = no
	path = /stor
	browseable = yes
	writable = yes
	guest ok = no
Comment 1 Sean OMeara 2004-10-01 13:45:15 UTC
mount options:

/dev/sda3 on /home type xfs (rw)
/dev/sda4 on /stor type xfs (rw)
Comment 2 Hugh Caley 2004-10-01 13:58:27 UTC
I have the same problem on both Samba 3.0.7 and 2.2.8.  Home directory mounted
over nfs with rw,intr,rsize=8192,wsize=8192
Comment 3 Hugh Caley 2004-10-01 15:32:20 UTC
same behaviour on NFS mounted reiserfs share from Linux server and NFS mounted
share from EMC datamover
Comment 4 Sean OMeara 2004-10-01 15:48:26 UTC
Its been brought to my attention that my entry was a little but "unsharp" ;)

The filesystem is XFS on linux 2.6.8

Rightclick on a directory, go to the security tab, the checkboxes will all be
blank. check them and apply them, it makes the changes on the filesystem, but
they are still blank in the acl editor.

This only happens on directories.
The normal vanilla unix permissions that can be set with chmod are the ones that
are being funky.
The extended posix acls show up fine. For example, if you were to add another
user or group and set permissions, they can be viewed after applying the changes.

On a non-acl patched reiserfs partition, the same thing happens. (except the
extended acls obviously dont work)

Here is a link to a debug=10 log file

Here is a link to a tcpdump:

Comment 5 Hugh Caley 2004-10-01 16:33:14 UTC
Same problem using Samba 3.0.7 with a local ext3 filesystem on Linux (Fedora
Core 2, kernel 2.6.8), mounted with "defaults" fstab options, and with local
ext3 filesytem using Samba 2.2.8 on linux host with 2.4 kernel and "defaults"
Comment 6 Sean OMeara 2004-10-02 19:58:35 UTC
Same behaviour on openbsd 3.5, ffs filesystem, samba 3.0.7, default ./configure,
tsbsam backend.

config file:
   workgroup = evil
   server string = sorta
   security = user
   load printers = yes
   log file = /usr/local/samba/var/log.%m
   max log size = 50
   passdb backend = tdbsam
   socket options = TCP_NODELAY 
   dns proxy = no 

   comment = Home Directories
   browseable = no
   writable = yes

   comment = All Printers
   path = /usr/spool/samba
   browseable = no
   guest ok = no
   writable = no
   printable = yes

Also happens on openbsd 3.5, samba 3.0.4, 3.0.2, and 2.2.8
Comment 7 Richard Michael 2004-10-29 16:54:29 UTC
This occurs on my system as well, Samba 3.0.7, stock Linus kernel 2.4.27 built
on Slackware 10.  The filesystem is reiserfs (v3), in an LVM managed raid1 md.

Clients are XP Pro SP1, up to date patches (October 29, 2004).
Comment 8 Guenther Deschner 2004-11-24 18:16:35 UTC

*** This bug has been marked as a duplicate of 1220 ***