So the problem is that explicit permissions added to an inherited ACE look to also be coming from inheritance, when in reality they are not. The cause of this is that the EA only specifes the whether the UID/GID was inherited, it does not specify the ACEs for those UIDs/GIDs. This is especially problematic, because future changes to the ACE causes the explicit portion of the ACE to be cleared, and only the original inherited part is preserved. Win2k actually stores different ACEs for inherited permissions and explicit permissions, and they are || together for effective permissions, but the inherited ones are shown as "locked".
Will try again for RC3.
sorry. didn't mean to close it.
When using the map acl inherit = yes option to store whether the ACEs were inherited from parent, any *explicit* permission added to an inherited ACE makes the entire ACE look like it it's being inherited
can we do something with this one or close it out as won't fix ? or just set the priority to a p5 meaning that it might get done one day when everything else is fixed.
no work on this one. closing on wont fix.