6812 – Bug in acl_xattr vfs module - changing owner reset permissions

Bug 6812 - Bug in acl_xattr vfs module - changing owner reset permissions

Summary: Bug in acl_xattr vfs module - changing owner reset permissions

Status:	RESOLVED DUPLICATE of bug 6892

Alias:	None

Product:	Samba 3.4
Classification:	Unclassified
Component:	VFS Modules (show other bugs)
Version:	3.4.1
Hardware:	x86 Windows XP

Importance:	P3 normal
Target Milestone:	---
Assignee:	Samba Bugzilla Account
QA Contact:	Samba QA Contact

URL:
Keywords:

Depends on:
Blocks:

Reported:	2009-10-14 16:04 UTC by Tomas Lajbl
Modified:	2011-10-31 06:36 UTC (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Tomas Lajbl 2009-10-14 16:04:02 UTC

Hello, I'm testing Samba 3.4.1 with acl_xattr vfs support on OpenSuSE 11.2 server.

Everything seems to work fine except changing owner via WinXP Explorer Security Tab. I can add or remove user or group permissions without any problem via WinXP on client side. But when I attempt to change file/folder owner (Explorer > Properties > Security > Advanced > Owner > Change Owner), all permissions resets to "Everyone - Full Control".
Both vfs modules (acl_xattr and acl_tdb) works identically - resets permissions.
When I set owner via "chown" command on Linux Server, nothing hapens on Windows side - I see still the same - old owner is set.

This testing server is AD 2003 Domain Member Server. Samba version number is 3.4.1-1.5-2196-SUSE-SL11.2 installed by YaST from SuSE rpm packages.
Underlying filesystem is ext3 with acl and user_xattr enabled. I tested ext4 and reiserfs too. OpenSuSE 11.1 works identically.

On Samba 3.0.22/3.0.28d @ OpenSuSE 10.1 server this works fine without any vfs module (Yes, of course I can use only rwx permissions, but both permissions/ownership setting works without any problem and can be set transparently via Windows Explorer).

Below is my smb.conf. I use it on our production servers (Samba 3.0.22/3.0.28d @ OpenSuSE 10.1) for five years with no errors.

#[global]

   log file = /var/log/samba/samba.log
   max log size = 50
   socket options = TCP_NODELAY
   local master = no
   os level = 20
   domain master = no
   preferred master = no
   domain logons = no

   server string = OpenSuSE 11.2 MS8
   realm = OURDOMAIN.DOMAIN.CZ
   workgroup = OURDOMAIN
   password server = server.ourdomain.domain.cz
   security = ADS
   encrypt passwords = yes

   vfs objects = acl_xattr
# without this option I'm unable set permissions for user/group/everyone - nothing is ticked in Windows Explorer Tab - but permissions for other users/groups can be set and stored without problem
   inherit acls = yes
   
winbind separator = +
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users=yes
winbind enum groups=yes

# Share definition
[home]
comment = Home Directories
path = /mnt/data1/home
browseable = yes
read only = no
admin users = root @"OURDOMAIN+Domain Admins"

# End of smb.conf file

Thank you very much for your answer.

Tomas Lajbl, Prague, Czech Republic.

Comment 1 Jeremy Allison 2009-10-14 16:09:26 UTC

Ok, when you set the owner via chown on the Linux server, in 3.4.x there's no way for the Samba server to know the owner has changed. In 3.5.0 and above, the server stored a cryptographic hash that will allow Samba to know the ACL or owners have changed, and it will automatically refresh.

I'll investigate the issue with owner being changed via Windows.

Jeremy.

Comment 2 Barry Sabsevitz (mail address dead) 2009-11-23 16:16:59 UTC

Hey Jeremy, I think this may be a DUP of Bug # 6892. I saw the same behavior before we put in our patch for 6892. And I suspect your patch will fix this.

Comment 3 Jeremy Allison 2009-11-25 17:23:04 UTC


*** This bug has been marked as a duplicate of bug 6892 ***