Bug 6168 - zfs folder creation
zfs folder creation
Status: NEW
Product: Samba 3.3
Classification: Unclassified
Component: VFS Modules
3.3.1
Other Other
: P3 normal
: ---
Assigned To: Jeremy Allison
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2009-03-05 14:49 UTC by mchugh19@yahoo.com
Modified: 2009-05-03 02:29 UTC (History)
0 users

See Also:


Attachments
debug 10 logs (481.83 KB, application/x-bzip)
2009-03-06 09:31 UTC, mchugh19@yahoo.com
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description mchugh19@yahoo.com 2009-03-05 14:49:15 UTC
Because of the issue mentioned in bug #6167 I tried to perform the same function using the everyone group. I gave everyone the permission to create folders and read everything else, and also allowed "creator owner" full control. This seems to have mapped as owner on the backend. As a regular user I then tried to create a folder, and was told permission denied. However, it looks like a New Folder directory was actually created.

root@rieekan:/raid/owner$ ls -ldV New\ Folder/
drwxr-xr-x+  2 NAU-STUDENTS\systemuser1 10000          2 Mar  5 13:40 New Folder/
         everyone@:r-xp--a-R-c--s:fdi---:allow
         everyone@:------a-R-c--s:------:allow
            owner@:--------------:------:deny
            owner@:rwxp---A-W-Co-:------:allow
            group@:-w-p----------:------:deny
            group@:r-x-----------:------:allow
         everyone@:-w-p---A-W-Co-:------:deny
         everyone@:r-x---a-R-c--s:------:allow

I'm not sure exactly where to go from here. Since the folder was created I suppose I should not have gotten the permission denied message. However, since everyone does not actually have the ability to do much more than create folders, I wonder if it might also be disallowing the folder rename and if that might be proper.
Comment 1 Jeremy Allison 2009-03-05 17:33:47 UTC
Again, a debug level 10 log will allow me to immediately investigate this issue.
Thanks,
Jeremy.
Comment 2 mchugh19@yahoo.com 2009-03-06 09:31:02 UTC
Created attachment 3982 [details]
debug 10 logs

I don't know how this happens but I'm not unable to exactly replicate the problem. Having restarted samba, my regular user account (systemuser1) is now able to create a directory without a problem. However if an attempt is made to rename the newly created directory I then see the permission denied error.

In windows owner is separate from creator owner. The creator owner permission would allow for setting permissions for new files/folders in a directory. It seems this permission is being mapped to just owner though samba, which means that setting full control for creator owner does not necessarily give full control for newly created files.

Starting with the directory . if systemuser1 creates a new folder it appears full permissions are not granted. Ultimately I'm attempting to allow full control over directories created for the user doing the creating:

root@rieekan:/raid/owner$ ls -lVd New\ Folder/
drwxr-xr-x+  2 NAU-STUDENTS\systemuser1 10000          2 Mar  6 08:12 New Folder/
         everyone@:r-xp--a-R-c--s:fdi---:allow
         everyone@:------a-R-c--s:------:allow
            owner@:--------------:------:deny
            owner@:rwxp---A-W-Co-:------:allow
            group@:-w-p----------:------:deny
            group@:r-x-----------:------:allow
         everyone@:-w-p---A-W-Co-:------:deny
         everyone@:r-x---a-R-c--s:------:allow
root@rieekan:/raid/owner$ ls -lVd .
drwxr-xr-x+  3 root     10000          3 Mar  6 08:12 .
         everyone@:r-xp--a-R-c--s:fd----:allow
            owner@:rwxpdDaARWcCos:------:allow

In looking at these permissions I'm not exactly sure where the deny lines came from on New Folder. 

My goal of emulating Window's behavior with creator owner seems difficult to obtain the more I consider the possibilities of how to map wacky metausers that the unix system has no concept of.