Bug 5890 - "map read only = permissions" does not refer to ACL.
"map read only = permissions" does not refer to ACL.
Status: RESOLVED INVALID
Product: Samba 3.2
Classification: Unclassified
Component: File services
3.2.4
Other Windows XP
: P3 normal
: ---
Assigned To: Jeremy Allison
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2008-11-11 09:26 UTC by TAKAHASHI Motonobu
Modified: 2010-10-10 23:24 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description TAKAHASHI Motonobu 2008-11-11 09:26:55 UTC
At the "map read only = permissions" in smb.conf(5): it says:
-----
o Permissions - The read only DOS attribute is mapped to the
               effective permissions of the connecting user, as evaluated by
               smbd(8) by reading the unix permissions and POSIX ACL (if
               present).
-----
As far as I examined: POSIX ACL is never refered to.
-----

For example: If ACLs of a file is like:

# file: test.txt
# owner: local
# group: local
user::r-x
group::r-x
group:group1:rwx
other::r-x

And when an account which belongs to the "group1" group sees the attributes for test.txt, "read only" is still checked.

I tested on Debign GNU/Linux 4.0 and Samba 3.2.4 (self-compiled).

I think at first to modify smb.conf(5) manual page is better.
Comment 1 Volker Lendecke 2009-06-18 06:09:48 UTC
Jeremy, is this a documentation problem?

Volker
Comment 2 TAKAHASHI Motonobu 2010-10-10 23:24:25 UTC
I checked again at Samba 3.2.4/Samba 3.5.4 and found "map read only = yes" works fine.

-----
smb.conf:
  map read only = yes
 (store dos attributes = no)
-----
-----
# ls -la
total 8
drwxrwxrwx  2 root  root  4096 2010-09-30 07:09 .
drwxrwxrwx  6 root  root  4096 2010-09-30 07:02 ..
-r-xr--r--  1 monyo monyo    0 2010-09-30 07:02 file1.txt
-r-xrw-r--  1 monyo monyo    0 2010-09-30 07:02 file2.txt
-rwxr--r--  1 monyo monyo    0 2010-09-30 07:02 file3.txt
-r-xrw-r--  1 local monyo    0 2010-09-30 07:02 file4.txt
-rwxrw-r--  1 root  root     0 2010-09-30 07:08 file5.txt
-rwxrwxr--+ 1 root  root     0 2010-09-30 07:08 file6.txt (u:monyo:rwx)
-rwxrwxr--+ 1 root  root     0 2010-09-30 07:08 file7.txt (g:monyo:rwx)
-----

Accessed as user monyo (whose group is monyo) and file1.txt, file2.txt and file5.txt are shown as read only, this is my expected behavior.

Sorry for invalid bug report.