[RndTbl] weird samba ACLs from MS Office
Trevor Cordes
trevor at tecnopolis.ca
Fri Jan 6 20:50:39 CST 2023
Have samba (4.16) sharing some linux drives to Windows. Want things
pretty simple where files on the share are all forced into certain user,
gorup, mode:
force create mode = 0660
force directory mode = 02770
force user = samba
Everything works great. The files get created like this:
-rw-rw---- 1 samba samba 0 Jan 4 01:01 test-file.txt
... With every app except MS Office. MS Office insists on making some
fubar ACL:
-rw-rwx---+ 1 samba samba 50510 Jan 4 01:13 test-excel.csv*
#getfacl test-excel.csv
# file: test-excel.csv
# owner: samba
# group: samba
user::rw-
user:samba:rw-
group::rw-
group:samba:rw-
mask::rwx
other::---
Looks like the same thing, eh? But that ACL screws up linus backups as it
is stopping a user who is in group samba from reading the file!!?!??
But I don't even want to solve that riddle (because they should be able to
read it), I just want to force samba to not let (or just ignore) Office
make an ACL in the first place. I don't want any files where ls says "+"
in the mode!
I swear this didn't use to happen. Might have been years ago, though.
All the samba ACL options seem to be to get "more" ACLs. I want less!
None!
But I don't want to mount the linux fs itself with ACLs off. I just want
to force samba to force Office to not be insane.
Anyone know the magic for this?
More information about the Roundtable
mailing list