The smbcacls command can specify various access right granted for a mask in the format of an ACL. But when I specified, for example, R or W for the mask value using smbcacls, the smbcacls command always shows FULL for mask value. example: # smbcacls //samba-server/xpub /user1-6.txt -U user1%samba REVISION:1 OWNER:SAMBA1\user1 GROUP:SAMBA1\group1 ACL:SAMBA1\user1:ALLOWED/0/RW ACL:SAMBA1\group1:ALLOWED/0/RW ACL:\Everyone:ALLOWED/0/R # smbcacls //samba-server/xpub /user1-6.txt -U user1%samba -a 'ACL:Domain Admins:ALLOWED/0/R' # smbcacls //samba-server/xpub /user1-6.txt -U user1%samba REVISION:1 OWNER:SAMBA1\user1 GROUP:SAMBA1\group1 ACL:SAMBA1\user1:ALLOWED/0/RW ACL:SAMBA1\Domain Admins:ALLOWED/0/FULL ACL:SAMBA1\group1:ALLOWED/0/RW ACL:\Everyone:ALLOWED/0/R # I think that this occurs because of a code on parse_ace() function, smbcacls.c is'nt initialize automatic variable atype, aflags and amask. show the patch. --- source/utils/smbcacls.c.orig Tue Sep 9 01:04:36 2003 +++ source/utils/smbcacls.c Fri Dec 5 14:50:55 2003 @@ -228,7 +228,7 @@ char *p; const char *cp; fstring tok; - unsigned atype, aflags, amask; + unsigned atype = 0, aflags = 0, amask = 0; DOM_SID sid; SEC_ACCESS mask; const struct perm_value *v;
This possibly was a samba-server bug. This is fixed now at least with 3.0.9, I can correctly set RW-permissions. Please reopen if it is still a problem for you.
sorry for the same, cleaning up the database to prevent unecessary reopens of bugs.