Bug 621 - Can't add group or user to ACL
Summary: Can't add group or user to ACL
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: File Services (show other bugs)
Version: 3.0.0
Hardware: All Linux
: P2 major
Target Milestone: none
Assignee: Samba Bugzilla Account
QA Contact:
Depends on:
Reported: 2003-10-14 09:07 UTC by Ron Bhanukitsiri
Modified: 2005-11-14 09:30 UTC (History)
0 users

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Ron Bhanukitsiri 2003-10-14 09:07:54 UTC
In the security tab, I can change the permission for the owner of the file.  
However, when I tried to add a Domain User or Group to the ACL, I get 
permission denied.  By DC is running SP3 and my Windows 2K Pro is running SP2.  
Looking at the trace, this is the error I got.  ACL is working find with xfs (I 
used getfacl and setfacl to verfiy that ACL is working ok on the Linux side).

Here's the error trace.
[2003/10/14 08:22:33, 3] smbd/posix_acls.c:convert_canon_ace_to_posix_perms
  convert_canon_ace_to_posix_perms: Too many ACE entries for file ronb-file.txt 
to convert to posix perms.
[2003/10/14 08:22:33, 3] smbd/posix_acls.c:set_nt_acl(3139)
  set_nt_acl: failed to convert file acl to posix permissions for file ronb-

Looking at the source code, I don't understand why the code is bailing out if 
the ace_count != 3.

Ron B.
Comment 1 Gerald (Jerry) Carter (dead mail address) 2004-02-09 09:09:32 UTC
Nahuel Greco <ngreco@axonsis.com.ar> wrote:

>> Hi, I was having a problem similar to 
>> https://bugzilla.samba.org/show_bug.cgi?id=621 
>> using Samba 3.0.1rc2 and Linux Kernel 2.6.1 / Ext3 
>> with Posix ACL and Extended Attributes support, 
>> rendering ACL useless. Now with 3.0.2 the problem 
>> seems to be fixed, but there is nothing on the 
>> changelog about that, and the bug remains
>> open on bugzilla.

Sorry, it was Samba 3.0.2rc2.
Comment 2 Gerald (Jerry) Carter (dead mail address) 2005-08-24 10:19:14 UTC
sorry for the same, cleaning up the database to prevent unecessary reopens of bugs.
Comment 3 Gerald (Jerry) Carter (dead mail address) 2005-11-14 09:30:19 UTC
database cleanup