Bug 6298 - ACL can't set refused permission
Summary: ACL can't set refused permission
Alias: None
Product: Samba 3.3
Classification: Unclassified
Component: User & Group Accounts (show other bugs)
Version: 3.3.2
Hardware: All Linux
: P3 critical
Target Milestone: ---
Assignee: Jeremy Allison
QA Contact: Samba QA Contact
Depends on:
Reported: 2009-04-28 21:17 UTC by akong
Modified: 2009-07-27 05:41 UTC (History)
0 users

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description akong 2009-04-28 21:17:46 UTC
I have upgrade to samba 3.3.2
But ACL still can't set refused permission.
refused permission:
I have add MS AD Server with samba server.
So,I can apply MS AD account or group to set permission
But I can set allow permission can't set refused permission.
When I set refused permission and apply.
It's show none refused permission.
I list my smb.conf
security = ads
netbios name = fileserver3
realm = linguitronics.com
password server = etams001.linguitronics.com
idmap uid = 500-10000000
idmap gid = 500-10000000
winbind separator = +
winbind enum users = no
winbind enum groups = no
winbind use default domain = yes
template homedir = /home/%D/%U
template shell = /bin/bash
client use spnego = yes
domain master = no
nt acl support = yes
inherit acls = yes
inherit owner = yes
inherit permissions = yes

My share folder is
        comment = Samba
        path = /home/akong/samba
        public = yes
        writeable = yes
        create mask = 0777
        directory mask = 0777
        directory security mask = 0777
        admin users = LINGUITRONICS\akong, LINGUITRONICS\stephen, LINGUITRONICS\brian, LINGUITRONICS\Administrator

Am I lose any settings or VFS module?
Thanks a lot.
Comment 1 Volker Lendecke 2009-07-27 05:41:00 UTC
This is by design. Unless you're using a file system with NFSv4 ACLs, there is just no way to set deny acls in Posix. NFSv4 has them, but Posix ACLs don't.