Default ACL not applied on files created through CIFS filesystem (mount.cifs)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
samba |
Fix Released
|
Medium
|
|||
linux (Ubuntu) |
Fix Released
|
Low
|
Unassigned |
Bug Description
Binary package hint: smbfs
When creating files on a CIFS-mounted filesystem, default ACL are not inherited. However, directory created on same CIFS-mounted filesystem works just fine.
Both server and client are Ubuntu 8.04. On the server, running samba 3.0.28a-1ubuntu4.5, smb.conf is entirely distribution-
[share]
path = /srv/share
read only = No
inherit acls = Yes
Note that, in examples below, ubuntu is uid 1000 on both hardy-server and hardy-desktop.
On the server:
ubuntu@
0022
ubuntu@
ubuntu@
ubuntu@
ubuntu@
ubuntu@
ubuntu@
ubuntu@
# file: test-acl
# owner: ubuntu
# group: ubuntu
user::rwx
group::r-x
other::r-x
default:user::rwx
default:group::r-x
default:other::rwx
# file: test-acl/dir-local
# owner: ubuntu
# group: ubuntu
user::rwx
group::r-x
other::rwx
default:user::rwx
default:group::r-x
default:other::rwx
# file: test-acl/file-local
# owner: ubuntu
# group: ubuntu
user::rw-
group::r--
other::rw-
So far so good. Now, on the client, which have smbfs 3.0.28a-1ubuntu4.6 from hardy-proposed installed:
ubuntu@
2.6.24-20-generic
ubuntu@
1.52
ubuntu@
0022
ubuntu@
//hardy-
ubuntu@
ubuntu@
ubuntu@
ubuntu@
ubuntu@
Now, I cannot use getfacl to display the ACL from the client as the cifs module have not been compiled with CONFIG_CIFS_XATTR, but from the server:
ubuntu@
# file: dir-cifs
# owner: ubuntu
# group: ubuntu
user::rwx
group::r-x
other::rwx
default:user::rwx
default:group::r-x
default:other::rwx
# file: file-cifs
# owner: ubuntu
# group: ubuntu
user::rw-
group::r--
other::r--
We can see the directory inherited the default ACL, but the file created on the client over the CIFS-mounted file system do not appear to have got the w permission propagated from the parent directory as expected. Even more puzzling, it appear to work as expected when using smbclient:
ubuntu@
ubuntu@
Password:
Domain=
smb: \> cd test-acl
smb: \test-acl\> mkdir dir-smbclient
smb: \test-acl\> put file-smbclient
putting file file-smbclient as \test-acl\
smb: \test-acl\> quit
Witness on the server:
ubuntu@
getfacl: Removing leading '/' from absolute path names
# file: srv/share/
# owner: ubuntu
# group: ubuntu
user::rwx
group::r-x
other::rwx
default:user::rwx
default:group::r-x
default:other::rwx
# file: srv/share/
# owner: ubuntu
# group: ubuntu
user::rwx
group::r-x
other::rwx
I am puzzled. Could it relate to the umask? acl(5) seems to imply it could. But then, the umask is the same on both hardy-desktop and hardy-server (0022) and yet, the actual behavior differ depending on if the file is created locally or through a CIFS-mounted file system (it should not). Maybe I am just confused about what the correct behavior should be in the first place.
description: | updated |
description: | updated |
Changed in samba: | |
status: | Unknown → Confirmed |
Changed in samba: | |
status: | Confirmed → Fix Released |
Changed in samba: | |
importance: | Unknown → Medium |
The problem could be on the server side. I just tested with Ubuntu 7.10, with the old smbmount and smb kernel module, and the behavior is the same as when using mount.cifs and the cifs kernel module: directory inherit ACL fine, but not files.