日本Sambaユーザ会 次年度活動計画案

OSC2005 2005/03/26( ) Windows Samba ---- Samba ACL staff@samba.gr.jp http://www.samba.gr.jp www.samba.gr.jp/

Windows UNIX Linux Samba Samba Windows

ACL (1) ACL Access Control List IEEE IEEE1003.6 IEEE1003.1e IEEE1003.2c 2 IEEE1003.1 IEEE1003.2 http://ieeexplore.ieee.org/xplore/dyn Wel.jsp

ACL (2) A R B RW C ----- A B C RW R RW A B C

: UNIX ugo R(ead),w(rite) x(execute) setuid/setgid sticky (FreeBSD) man 2 chflags

:DOS DOS RO System Hidden Archive FAT/VFAT/NTFS Using Samba 8 File Permissions and Attributes on MS-DOS and Unix

:NT NT ACL / / / / / : ( ) ACL

UNIX ACL POSIX OS Solaris,HP-UX,FreeBSD(5.x),Linux setfacl/getfacl

FreeBSD 5 /etc/fstab acl

Linux 2.4 ( ) 2.6 Kernel ACL /etc/fstab acl acls ext3/xfs/jfs

[tmp]# setfacl -m g:group2:rw acltest [tmp]# getfacl acltest # file: acltest # owner: root # group: root user::rw- user:lduser1:r-- user:lduser2:rw- group::r-- group:group2:rw- mask::rw- other::r--

Samba ACL (1) Samba Windows UNIX DOS UNIX NT ACL UNIX ACL samba

Samba ACL ( ) nt acl support = yes share DOS

DOS (1) R,S,H,A UNIX Windows DOS R UNIX R W DOS S,H,A UNIX ugo X Map [archive system hidden] u rwx g rwx o rwx

DOS (2) create mask,force create mask ( ) DOS(Windows) R UNIX w

(1) D VFAT Z Samba D: >attrib rotest.txt A R D: rotest.txt D: >del rotest.txt D: rotest.txt D: >z: Z: test>attrib rotest.txt A R Z: test rotest.txt Z: test>del rotest.txt Samba Z: test>

(2) w Z: test 2005/03/21 16:59 <DIR>. 2005/03/21 16:41 <DIR>.. 2005/03/21 16:45 8 rotest.txt 1 8 2 1,552,875,520 Z: test>del rotest.txt Z: test>dir Z: test 2005/03/21 16:59 <DIR>. 2005/03/21 16:41 <DIR>.. 2005/03/21 16:45 8 rotest.txt 1 8 2 1,552,875,520

NT ACL ACL (1) DOS rw r-

NT ACL ACL ( ) NT ACL Samba r--) rw-)

NT ACL ACL ( ) ACL Samba... (

NT ACL ACL ( )

DOS (1) DOS NT ACL and Hidden,system,archive X ( DOS ) NT Samba

DOS (2) readonly NT ACL +

Linux ACL jfs 8191 ext3 32 xfs 24 NT ugo 3 Windows ACE Windows

Administrator root UNIX root Windows Administrator Administrator Windows

3a

3b acltest owner: root group: users access: rwxr-x--- acl:group1:rwx aclcheck.txt owner: lduser1 group: users acl: group1:rwx ribbon group(p): users group(s): group1 lduse1 group(p): users group(s): group1

3 group ACL ribbon

3 aclcheck.txt owner: lduser1 group: users acl:group1:rwx aclcheck.txt owner: ribbon group: users acl: none!

3e group1 ACL

3 group1 lduser1

4 Windows Administrators ( ) UNIX force unknown acl user = yes winbind

ACL Windows Samba Windows UNIX samba-jp ML

Linux Extended Attributes and ACLs http://acl.bestbits.at acl.bestbits.at/ http://www.samba.gr.jp/project/kb/j0/1/05.ht ml http://www.microsoft.com/resources/documenta tion/windowsserv/2003/standard/proddocs/ja- jp/default.asp?url=/resources/documentation/ WindowsServ/2003/standard/proddocs/ja- jp/acl_con_use.asp http://www.nhk.or.jp/kids/program/index.html