On Thu, Oct 6, 2011 at 4:40 AM, Xavier Roche <roche+kml2@xxxxxxxxxxx> wrote: > Hi folks, > > This may sound like a really stupid question, but I could not find any way > to somehow map remote Windows ACLs into POSIX ACLs (mapping users and group > SIDs to Unix mapped ids) when mounting a remote share (mount.cifs) on a > Linux box. > > Is is something not currently implemented ? The smbcacls tool can show the > actual ACLs remotely, but this information is not exposed to the mounted > filesystem apparently. The acl feature of the client seem to be an extension > to CIFS allowing to handle POSIX ACLs, not something allowing a mapping. > > Any insightful remark or documentation would be welcome! > > [ Note: the only potential issue when mapping would be related to deny ACLs > (AceType == ACCESS_DENIED_ACE_TYPE) ; something which is not mappable to > POSIX ACL. ] > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > , Currently cifs client maps DACL to Linux permission model but not to POSIX ACL model. You will need a kernel built with cifs_cifsacl config option (because it is still maexperimental) and current cifs-utils package. The manpages in that cifs-utils package will have info on how to use mount option cifsacl and how to setup id mapping (using winbind). The current cifs-utils package has two binaries, getcifsacl and setcifsacl, modeled after smbcacls. Hope that helps. You may direct any further questions/concerns to linux-cifs@xxxxxxxxxxxxxxx mailing list. Regards, Shirish -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
