Bug 5562 - couldn't delete ACL entries
couldn't delete ACL entries
Status: RESOLVED DUPLICATE of bug 5561
Product: Samba 3.0
Classification: Unclassified
Component: winbind
3.0.28
x86 FreeBSD
: P3 normal
: none
Assigned To: Samba Bugzilla Account
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2008-06-24 05:36 UTC by murzeg
Modified: 2008-06-24 06:03 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description murzeg 2008-06-24 05:36:49 UTC
Couldn't delete ACL entries on directory from Windows XP clients (through Permissions tab).
When deleting any ACE group or user it disappears till pressing Apply button, when applying it appears again. No notifications such "Access denied" doesn't appear.

Strange thing when removing ACL through FreeBSD (file server itself). Applying "setfacl -b" on directory removes all ACL exept default, BUT from Windows client, it still seen like it wasn't removed (only permissions checkpoints removed from that ACE).

This bug absolutely doen't appear in Samba 3.0.24, but in this version another bug with "ACL set when group being set is the primary group" appears, and it fixed only after version 3.0.28

File server OS - FreeBSD 6.3
Samba 3.0.28
--with-ads
--with-ldap
--with-acl-support
--with-winbind

User database stores on W2k3 server AD

#Conf files

#/etc/krb5.conf

[libdefaults]
	default_realm = MYDOMAIN.LOCAL
	default_tkt_enctypes = rc4-hmac des3-cbc-sha1 des-cbc-crc des-cbc-md5
	default_tgs_enctypes = rc4-hmac des3-cbc-sha1 des-cbc-crc des-cbc-md5
	permitted_enctypes = rc4-hmac des3-cbc-sha1 des-cbc-crc des-cbc-md5

[realms]
    MYDOMAIN.LOCAL = {
        kdc = srvmain.mydomain.local
        admin_server = srvmain.mydomain.local
    }
 
[domain_realms]
    .srvmain.mydomain.local = MYDOMAIN.LOCAL

#/etc/nsswitch.conf

group: files winbind
group_compat: nis
hosts: files dns
networks: files
passwd: files winbind
passwd_compat: nis
shells: files
shadow: files winbind


#smb.conf

#======================= Global Settings =====================================
[global]

   workgroup = MYDOMAIN
   netbios name = FREE
   realm = MYDOMAIN.LOCAL
   server string = Samba %v on %L
   security = ads
   password server = srvmain.mydomain.local
   max log size = 50000

encrypt passwords = yes
smb ports = 445 139
log level = 10
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
template homedir = /home/winnt/%D/%U

   display charset = cp1251
   unix charset = cp1251
   dos charset = cp866

   nt acl support = yes
   dns proxy = no 
   log file = /var/log/samba/%m.%U.log
   load printers = no

#============================ Share Definitions ==============================
[newshare]
   comment = My share
   path = /usr/newshare
   valid users = "@UFPS\Domain Users"
   admin users = MYDOMAIN\murzeg
   nt acl support = yes
 
[homes]
   comment = Home Directories
   browseable = no
   writable = yes

[netlogon]
logon path =
logon drive =
logon home =
Comment 1 Volker Lendecke 2008-06-24 06:03:33 UTC

*** This bug has been marked as a duplicate of 5561 ***