Bug 672 - results the cacls command shows is wrong
Summary: results the cacls command shows is wrong
Status: RESOLVED FIXED
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: Client Tools (show other bugs)
Version: 3.0.0
Hardware: All Windows 2000
: P3 normal
Target Milestone: none
Assignee: Samba Bugzilla Account
QA Contact:
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2003-10-23 02:00 UTC by kakuma
Modified: 2006-04-08 11:43 UTC (History)
1 user (show)

See Also:


Attachments
add write permission to a user1 (40.72 KB, text/plain)
2003-10-23 18:41 UTC, kakuma
no flags Details
add a user2 to ACL (123.38 KB, text/plain)
2003-10-23 18:46 UTC, kakuma
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description kakuma 2003-10-23 02:00:21 UTC
Samba is running as a PDC.
We are sharing a directory tree using samba on linux.
On a Windows 2k machine, I change ACL of a file on the public directory
by the cacls command.
After I changed permission of the file with cacls or
I added a user to ACL of the file by cacls,
but the ACL data that cacls shows is wrong.

ACL is working correctly with xfs.
I verified that ACL is working correctly using getfacl and setfacl
on linux.


samba system: GNU-Debian/Linux 
              use kernel supporting xfs
              Architecture: i386
samba : Samba 3.0.0 RC3
public file system : XFS
client system : Windows2000 Professional(Japanese) SP4


sample : 

=====================================================================
==== sample 1 : add write permission to a user1

-- linux

user1$ getfacl user1-1.txt
# file: user1-1.txt
# owner: user1
# group: guser1
user::r--
group::r--
other::r--


-- Windows 2k

E:\>cacls user1-1.txt
E:\user1-1.txt SAMBA1\user1:(special access:)
                            READ_CONTROL
                            SYNCHRONIZE
                            FILE_GENERIC_READ
                            FILE_READ_DATA
                            FILE_READ_EA
                            FILE_READ_ATTRIBUTES

               SAMBA1\guser1:(special access:)
                             READ_CONTROL
                             SYNCHRONIZE
                             FILE_GENERIC_READ
                             FILE_READ_DATA
                             FILE_READ_EA
                             FILE_READ_ATTRIBUTES

               Everyone:(special access:)
                        READ_CONTROL
                        SYNCHRONIZE
                        FILE_GENERIC_READ
                        FILE_READ_DATA
                        FILE_READ_EA
                        FILE_READ_ATTRIBUTES



E:\>
E:\>cacls user1-1.txt /G user1:W
are you OK (Y/N)?Y
objects: E:\user1-1.txt

E:\>cacls user1-1.txt
E:\user1-1.txt SAMBA1\user1:F
               SAMBA1\guser1:(special access:)

               Everyone:(special access:)



E:\>


-- linux

user1$ getfacl user1-1.txt
# file: user1-1.txt
# owner: user1
# group: guser1
user::rwx
group::---
other::---

user1$ date
Thu Oct 23 15:21:38 JST 2003


==== sample 2 : add a user2 with read permission

-- linux

user1$ getfacl user1-2.txt
# file: user1-2.txt
# owner: user1
# group: guser1
user::rw-
group::r--
other::r--

user1$ date
Thu Oct 23 15:33:28 JST 2003
user1$


-- Windows 2k

E:\>cacls user1-2.txt
E:\user1-2.txt SAMBA1\user1:(special access:)
                            READ_CONTROL
                            SYNCHRONIZE
                            FILE_GENERIC_READ
                            FILE_GENERIC_WRITE
                            FILE_READ_DATA
                            FILE_WRITE_DATA
                            FILE_APPEND_DATA
                            FILE_READ_EA
                            FILE_WRITE_EA
                            FILE_READ_ATTRIBUTES
                            FILE_WRITE_ATTRIBUTES

               SAMBA1\guser1:(special access:)
                             READ_CONTROL
                             SYNCHRONIZE
                             FILE_GENERIC_READ
                             FILE_READ_DATA
                             FILE_READ_EA
                             FILE_READ_ATTRIBUTES

               Everyone:(special access:)
                        READ_CONTROL
                        SYNCHRONIZE
                        FILE_GENERIC_READ
                        FILE_READ_DATA
                        FILE_READ_EA
                        FILE_READ_ATTRIBUTES



E:\>
E:\>cacls user1-2.txt /G user2:R
are you OK (Y/N)?Y
objects: E:\user1-2.txt

E:\>
E:\>cacls user1-2.txt
E:\user1-2.txt SAMBA1\user1:(special access:)
                            READ_CONTROL
                            SYNCHRONIZE
                            FILE_GENERIC_READ
                            FILE_READ_DATA
                            FILE_READ_EA
                            FILE_READ_ATTRIBUTES

               SAMBA1\guser1:(special access:)

               SAMBADEV1\user2:R
               Everyone:(special access:)



E:\>


-- linux

user1$ getfacl user1-2.txt
# file: user1-2.txt
# owner: user1
# group: guser1
user::r--
user:user2:r-x
group::---
mask::rwx
other::---

user1$ date
Thu Oct 23 15:33:48 JST 2003
user1$

=====================================================================
Comment 1 kakuma 2003-10-23 18:41:48 UTC
Created attachment 219 [details]
add write permission to a user1

This file is samba log.
This file is traced when cacls added write permission to user1.
Comment 2 kakuma 2003-10-23 18:46:47 UTC
Created attachment 220 [details]
add a user2 to ACL

This file is samba log.
This file is traced when cacls added a user2 with read permission to ACL.
Comment 3 Gerald (Jerry) Carter (dead mail address) 2005-02-07 09:15:31 UTC
originally against 3.0.0rc3
Comment 4 Gerald (Jerry) Carter (dead mail address) 2006-04-08 11:43:57 UTC
please reopen if the bug still exists in a current release.