← Back to team overview

desktop-packages team mailing list archive

  1. desktop-packages team
  2. Mailing list archive
  3. Message #128252

[Bug 1464645] Re: Samba shares over gvfs do not respect ACL rules

  Thread PreviousDate PreviousThread Next 
** Description changed:

- While accessing samba shares mounted with GVFS (using nautilus, but that
- probably does not matted) ACL rules are not respected.
+ Looks like the SMB backend does not support ACL rules while accessing
+ remote shares.
  
- Those shares should be mounted using user_xattr,acl options and by
- default they aren't.
- 
- Ideally the problem would be solved by a way to append mount options on
- a protocol basis (smb in this case). I don't know about any existing
- mechanism to achieve this.
- 
- Steps to reproduce:
- 1. Open a samba share with nautilus using a smb:// URI.
- 2. The share is mounted at /run/user/<uid>/gvfs/<sharename>
- 3. Verify ACL with getfacl on any of the files in the share.
+ The scenario looks like this:
+ 1. LDAP authentication for client & server. 
+ 2. SMB server with a share accessible to a certain ACL group or user.
+ 3. A user (that should be allowed to access the share: is a member of the group or is an ACL user) accesses the share from a client using nautilus and smb:// URI.
  
  Expected result:
- ACL rules are correctly applied.
+ Access is granted to the resource.
+ 
+ Actual result:
+ Permission denied for accessing the resource in question.
  
  Actual result:
  No sign of ACL rules in the getfacl output.
  
  ProblemType: Bug
  DistroRelease: Ubuntu 14.04
  Package: gvfs 1.20.3-0ubuntu1.1
  ProcVersionSignature: Ubuntu 3.16.0-39.53~14.04.1-generic 3.16.7-ckt11
  Uname: Linux 3.16.0-39-generic x86_64
  NonfreeKernelModules: nvidia zfs zunicode zcommon znvpair zavl
  ApportVersion: 2.14.1-0ubuntu3.11
  Architecture: amd64
  CurrentDesktop: Unity
  Date: Fri Jun 12 13:49:37 2015
  InstallationDate: Installed on 2015-04-13 (59 days ago)
  InstallationMedia: Ubuntu 14.04.2 LTS "Trusty Tahr" - Release amd64 (20150218.1)
  SourcePackage: gvfs
  UpgradeStatus: No upgrade log present (probably fresh install)

** Description changed:

  Looks like the SMB backend does not support ACL rules while accessing
  remote shares.
  
  The scenario looks like this:
- 1. LDAP authentication for client & server. 
+ 1. LDAP authentication for client & server.
  2. SMB server with a share accessible to a certain ACL group or user.
- 3. A user (that should be allowed to access the share: is a member of the group or is an ACL user) accesses the share from a client using nautilus and smb:// URI.
+ 3. A user (that should be allowed to access the share: is a member of a authorized group or is an authorized ACL user) accesses the share from a client using nautilus and smb:// URI.
  
  Expected result:
  Access is granted to the resource.
  
  Actual result:
  Permission denied for accessing the resource in question.
  
  Actual result:
  No sign of ACL rules in the getfacl output.
  
  ProblemType: Bug
  DistroRelease: Ubuntu 14.04
  Package: gvfs 1.20.3-0ubuntu1.1
  ProcVersionSignature: Ubuntu 3.16.0-39.53~14.04.1-generic 3.16.7-ckt11
  Uname: Linux 3.16.0-39-generic x86_64
  NonfreeKernelModules: nvidia zfs zunicode zcommon znvpair zavl
  ApportVersion: 2.14.1-0ubuntu3.11
  Architecture: amd64
  CurrentDesktop: Unity
  Date: Fri Jun 12 13:49:37 2015
  InstallationDate: Installed on 2015-04-13 (59 days ago)
  InstallationMedia: Ubuntu 14.04.2 LTS "Trusty Tahr" - Release amd64 (20150218.1)
  SourcePackage: gvfs
  UpgradeStatus: No upgrade log present (probably fresh install)

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gvfs in Ubuntu.
https://bugs.launchpad.net/bugs/1464645

Title:
  Samba shares over gvfs do not respect ACL rules

Status in gvfs:
  Confirmed
Status in gvfs package in Ubuntu:
  New

Bug description:
  Looks like the SMB backend does not support ACL rules while accessing
  remote shares.

  The scenario looks like this:
  1. LDAP authentication for client & server.
  2. SMB server with a share accessible to a certain ACL group or user.
  3. A user (that should be allowed to access the share: is a member of a authorized group or is an authorized ACL user) accesses the share from a client using nautilus and smb:// URI.

  Expected result:
  Access is granted to the resource.

  Actual result:
  Permission denied for accessing the resource in question.

  Actual result:
  No sign of ACL rules in the getfacl output.

  ProblemType: Bug
  DistroRelease: Ubuntu 14.04
  Package: gvfs 1.20.3-0ubuntu1.1
  ProcVersionSignature: Ubuntu 3.16.0-39.53~14.04.1-generic 3.16.7-ckt11
  Uname: Linux 3.16.0-39-generic x86_64
  NonfreeKernelModules: nvidia zfs zunicode zcommon znvpair zavl
  ApportVersion: 2.14.1-0ubuntu3.11
  Architecture: amd64
  CurrentDesktop: Unity
  Date: Fri Jun 12 13:49:37 2015
  InstallationDate: Installed on 2015-04-13 (59 days ago)
  InstallationMedia: Ubuntu 14.04.2 LTS "Trusty Tahr" - Release amd64 (20150218.1)
  SourcePackage: gvfs
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/gvfs/+bug/1464645/+subscriptions

References

  Thread PreviousDate PreviousThread Next