On Tue, Mar 3, 2015 at 3:20 PM, pisymbol . <pisymbol@xxxxxxxxx> wrote: > On Tue, Mar 3, 2015 at 2:59 PM, Richard Sharpe > <realrichardsharpe@xxxxxxxxx> wrote: >> On Tue, Mar 3, 2015 at 11:52 AM, pisymbol . <pisymbol@xxxxxxxxx> wrote: >>> A colleague and I just witnessed that we could not write an access >>> time of a file on a CIFS mount using CentOS 6.5 despite the fact we >>> mounted it with "Backup Intent." >>> >>> My current theory is that via CIFS, the DACL checks still apply >>> because Window backup clients use a different API to access files. >>> However, I'm not 100% sure. >> >> BackupIntent is only useful if you also have SeBackupPrivilege or >> SeRestorePrivilege or both. That is why it worked when you added >> BackupOperators, because privileges are associated with groups. > > So the domain user in Windows has to have these privileges set AND be > part of the Backup Operators group for all of this to work? Btw, I pester only because I had *thought* that those privs were automatically granted to anyone in the Backup Operator group and the mount.cifs command should follow suit. -aps -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
