Quantcast

Samba + acl,user_xattr

classic Classic list List threaded Threaded
9 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Samba + acl,user_xattr

Dmitry Mordovin
Hello All!

Can't make Samba use acl and extended user attributes to save DOS file
attributes.

Please, help me configure properly.

My steps on Windows XP:
1 - Open share
2 - Open property of file 1122/22.bmp
3 - Check file attribute: hidden
4 - Click Apply
5 - Click Close

6 - Open property again
7 - Attribute Hidden not checked.

Samba dont save attributes!!!

getfattr -d /mnt/public/1122/22.bmp
Show no any attributes for 22.bmp file

*Environment*

Server configuration:

OS: Ubuntu 10.04.3 LTS 2.6.32-36-generic
Samba: 3.6.1
Share: /mnt/public
Mount: /dev/sda3 on /mnt/public type ext3 (rw,acl,user_xattr)

Unix file permissions:

ls -la /mnt/public/
total 18
drwxrwxrwx 2 nobody nogroup  1024 2011-12-09 14:45 1122
drwx------ 2 root   root    12288 2011-12-09 14:43 lost+found

ls -la /mnt/public/1122
total 218
-rwxrwxrwx 1 nobody nogroup 220074 2011-12-09 14:45 22.bmp

Samba config:

[global]
workgroup = HOME
security = share
max log size = 1024
store dos attributes = yes
map archive = no
map read only = no
map hidden = no
map system = no
create mode = 777
directory mode = 777

[homes]
browseable = no
printable = no
store dos attributes = yes

[public]
path = /mnt/public
comment = ""
read only = no
guest ok = yes
follow symlinks = no
store dos attributes = yes
writable = yes
map archive = no
map read only = no
map hidden = no
map system = no
create mode = 777
directory mode = 777



Samba configure params: --prefix=/usr/local/samba
...
checking whether to support ACLs... auto
configure: checking whether ACL support is available:
checking for acl_get_file in -lacl... yes
checking for getxattr in -lattr... yes
checking for POSIX ACL support... yes
configure: Using posix ACLs
checking for acl_get_perm_np... no
...

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Samba + acl,user_xattr

Jonathan Buzzard
On Fri, 2011-12-09 at 16:05 +0400, Dmitry Mordovin wrote:

[SNIP]

> Samba config:
>
> [global]
> workgroup = HOME
> security = share
> max log size = 1024
> store dos attributes = yes
> map archive = no
> map read only = no
> map hidden = no
> map system = no
> create mode = 777
> directory mode = 777
>
> [homes]
> browseable = no
> printable = no
> store dos attributes = yes
>
> [public]
> path = /mnt/public
> comment = ""
> read only = no
> guest ok = yes
> follow symlinks = no
> store dos attributes = yes
> writable = yes
> map archive = no
> map read only = no
> map hidden = no
> map system = no
> create mode = 777
> directory mode = 777

I see no vfs objects = acl_xattr in your Samba config. Without that it
won't work as there is nothing telling Samba where to store the ACL
information.

JAB.

--
Jonathan A. Buzzard                 Email: jonathan (at) buzzard.me.uk
Fife, United Kingdom.


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Samba + acl,user_xattr

Dmitry Mordovin
On 12/09/2011 04:26 PM, Jonathan Buzzard wrote:

> On Fri, 2011-12-09 at 16:05 +0400, Dmitry Mordovin wrote:
>
> [SNIP]
>
>> Samba config:
>>
>> [global]
>> workgroup = HOME
>> security = share
>> max log size = 1024
>> store dos attributes = yes
>> map archive = no
>> map read only = no
>> map hidden = no
>> map system = no
>> create mode = 777
>> directory mode = 777
>>
>> [homes]
>> browseable = no
>> printable = no
>> store dos attributes = yes
>>
>> [public]
>> path = /mnt/public
>> comment = ""
>> read only = no
>> guest ok = yes
>> follow symlinks = no
>> store dos attributes = yes
>> writable = yes
>> map archive = no
>> map read only = no
>> map hidden = no
>> map system = no
>> create mode = 777
>> directory mode = 777
> I see no vfs objects = acl_xattr in your Samba config. Without that it
> won't work as there is nothing telling Samba where to store the ACL
> information.
>
> JAB.
>

Added to global section

vfs objects = acl_xattr


No changes. Still dont store DOS attr.

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Samba + acl,user_xattr

Jeremy Allison
On Fri, Dec 09, 2011 at 04:36:51PM +0400, Dmitry Mordovin wrote:

> On 12/09/2011 04:26 PM, Jonathan Buzzard wrote:
> >On Fri, 2011-12-09 at 16:05 +0400, Dmitry Mordovin wrote:
> >
> >[SNIP]
> >
> >>Samba config:
> >>
> >>[global]
> >>workgroup = HOME
> >>security = share
> >>max log size = 1024
> >>store dos attributes = yes
> >>map archive = no
> >>map read only = no
> >>map hidden = no
> >>map system = no
> >>create mode = 777
> >>directory mode = 777
> >>
> >>[homes]
> >>browseable = no
> >>printable = no
> >>store dos attributes = yes
> >>
> >>[public]
> >>path = /mnt/public
> >>comment = ""
> >>read only = no
> >>guest ok = yes
> >>follow symlinks = no
> >>store dos attributes = yes
> >>writable = yes
> >>map archive = no
> >>map read only = no
> >>map hidden = no
> >>map system = no
> >>create mode = 777
> >>directory mode = 777
> >I see no vfs objects = acl_xattr in your Samba config. Without that it
> >won't work as there is nothing telling Samba where to store the ACL
> >information.
> >
> >JAB.
> >
>
> Added to global section
>
> vfs objects = acl_xattr
>
>
> No changes. Still dont store DOS attr.

You only need acl_xattr is you want to store Windows ACLs, not DOS attrs.

Have you tried using setfattr on that filesystem ? Does it work ?

Jeremy.
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Samba + acl,user_xattr

Dmitry Mordovin

>> Added to global section
>>
>> vfs objects = acl_xattr
>>
>>
>> No changes. Still dont store DOS attr.
> You only need acl_xattr is you want to store Windows ACLs, not DOS attrs.
>
> Have you tried using setfattr on that filesystem ? Does it work ?
>
> Jeremy.

Hello Jeremy!

You are right!

I don't want to store Windows ACLs, need only DOS attrs (hidden file attr).

What Is enough to add to my smb.conf?
'store dos attributes (S)  or 'map hidden (S)' or together or else?

#cat /opt/samba/smb.conf
[global]
pid directory = /opt/samba/run
lock directory = /opt/samba/cache
private dir = /opt/samba/cache
log file = /opt/samba/smbd.log
log level = 10
workgroup = TEST
security = share
show add printer wizard = no
max log size = 10240
bind interfaces only = true
interfaces = eth1

[homes]
browseable = no
printable = no

[public]
path = /mnt/public
comment = ""
read only = no
guest ok = yes
follow symlinks = no
writable = yes

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Samba + acl,user_xattr

Jeremy Allison
On Thu, Dec 15, 2011 at 12:17:21PM +0400, Dmitry Mordovin wrote:

>
> >>Added to global section
> >>
> >>vfs objects = acl_xattr
> >>
> >>
> >>No changes. Still dont store DOS attr.
> >You only need acl_xattr is you want to store Windows ACLs, not DOS attrs.
> >
> >Have you tried using setfattr on that filesystem ? Does it work ?
> >
> >Jeremy.
>
> Hello Jeremy!
>
> You are right!
>
> I don't want to store Windows ACLs, need only DOS attrs (hidden file attr).
>
> What Is enough to add to my smb.conf?
> 'store dos attributes (S)  or 'map hidden (S)' or together or else?

I use:

   store dos attributes = yes
   map readonly = no
   map system = no
   map hidden = no
   map archive = no

Jeremy.
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Samba + acl,user_xattr

Dmitry Mordovin

>> Hello Jeremy!
>>
>> You are right!
>>
>> I don't want to store Windows ACLs, need only DOS attrs (hidden file attr).
>>
>> What Is enough to add to my smb.conf?
>> 'store dos attributes (S)  or 'map hidden (S)' or together or else?
> I use:
>
>     store dos attributes = yes
>     map readonly = no
>     map system = no
>     map hidden = no
>     map archive = no
>
> Jeremy.

Added to smb.conf

Now, when I try to Apply hidden attribute, popup message - Error change
file attributes. Access Denied.

I suspect this due to Bug 8414
(https://bugzilla.samba.org/show_bug.cgi?id=8414) for me.

Thank you.

PS: With hacked version of smbd this error happens too.

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Samba + acl,user_xattr

TAKAHASHI Motonobu-2
From: Dmitry Mordovin <[hidden email]>
Date: Fri, 16 Dec 2011 10:39:44 +0400

> Now, when I try to Apply hidden attribute, popup message - Error change
> file attributes. Access Denied.

At first, has your file system already enabled xattr?
For example, are following commands successfull?

 # touch test.txt
 # setfattr -n user.test -v test test.txt
 # setfattr -n security.test -v test2 test.txt
 # getfattr -d test.txt
 # getfattr -n security.test -d test.txt

And your Samba (smbd) is xattr-ready?
For example the following commands show HAVE_*XATTR line?

# smbd -b | grep SETXATTR
   HAVE_FSETXATTR
   HAVE_LSETXATTR
   HAVE_SETXATTR

---
TAKAHASHI Motonobu <[hidden email]>
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Samba + acl,user_xattr

Dmitry Mordovin

> At first, has your file system already enabled xattr?
> For example, are following commands successfull?
>
>   # touch test.txt
>   # setfattr -n user.test -v test test.txt
>   # setfattr -n security.test -v test2 test.txt
>   # getfattr -d test.txt
>   # getfattr -n security.test -d test.txt
>
> And your Samba (smbd) is xattr-ready?
> For example the following commands show HAVE_*XATTR line?
>
> # smbd -b | grep SETXATTR
>     HAVE_FSETXATTR
>     HAVE_LSETXATTR
>     HAVE_SETXATTR
>
> ---
> TAKAHASHI Motonobu<[hidden email]>
All commands successfull.

#mount
/dev/sda4 on /mnt/public type ext3 (rw,nosuid,nodev,acl,user_xattr)

#cd /mnt/public


#getfattr -d hello.txt
# file: hello.txt
user.test="test"

#getfattr -n security.test -d hello.txt
# file: hello.txt
security.test="test2"


#smbd -b|grep SETXATTR
    HAVE_FSETXATTR
    HAVE_LSETXATTR
    HAVE_SETXATTR

SAMBA ready, but don't change xattr. Very strange with my system.
Also, I joined TT 8414 where is strange with file access rights.

https://bugzilla.samba.org/show_bug.cgi?id=8414

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Loading...