我有一个在 Debian Stretch 上运行的 Samba 4.5.12 文件服务器,其文件共享配置如下:
[test]
path = /srv/test
read only = no
该共享内有一个目录:/srv/test/directory。然后我使用 Windows 客户端创建一个文件test.txt,创建后它具有以下权限:
# file: test.txt
# owner: some_user
# group: some_group
user::rw-
group::r--
other::r--
现在,我在文件服务器上设置目录的默认 ACL /srv/test/directory:
setfacl -d -m group:some_other_group:rwx /srv/test/directory
touch /srv/test/directory/test2.txt
test2.txt文件具有预期的权限:
# file: test2.txt
# owner: some_user
# group: some_group
user::rw-
group::r-x #effective:r--
group:some_other_group:rwx #effective:rw-
mask::rw-
other::r--
当我继续使用 Windows 客户端创建另一个文件时,我得到以下信息:
# file: test3.txt
# owner: some_user
# group: some_group
user::rw-
group::r--
group:some_other_group:rwx
mask::rwx
other::r--
如您所见,掩码是错误的。我该如何修复它?
我尝试过设置create mask = 0666,但也没有用。唯一有帮助的是通过禁用 NT ACL 支持,nt acl support = no但我不想这样做。
完整smb.conf如下:
[global]
server role = member server
security = ADS
workgroup = *redacted*
realm = *redacted*
netbios name = FILES
kerberos method = secrets and keytab
acl allow execute always = yes
map to guest = bad user
store dos attributes = yes
map readonly = no
map archive = no
map hidden = no
map system = no
[test]
path = /srv/test
read only = no