Author Topic: Applying ACLs to share on file system path fails  (Read 1969 times)

nix666

  • Zen Apprentice
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Applying ACLs to share on file system path fails
« on: October 14, 2016, 09:18:41 am »
Hi There,

Using Zentayal 4.0 Community Edition. Whenever I try to add a new share that's not under /home/ ( a seperate disk mounted at /u) , The
web interface doesn't allow me to Save Changes when the Apply ACL's box is ticked. When saving , it gives me errors in saving.

It says Changed Saved , The process produced some warning messages : There were errors setting ACLs on samba shares, please check the zentayal logs for details.

The disk is mounted with acl options  in fstab:
UUID=9232f692-4fed-417d-a81c-8d566be4d394       /u      ext4    errors=remount-ro,acl,user_xattr,usrquota,grpquota,acl  0       1

Is this an oversight ?  I want to apply ACLS to a share thats on /u/.  I want to have certain users that can access only certain folders on this drive.The rest of the users must
have full rwx access to this share. Am I missing something ?

Any ideas would be highly appreciated.
Kind Regards
 

nix666

  • Zen Apprentice
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Update : Applying ACLs to share on file system path fails
« Reply #1 on: October 18, 2016, 02:57:20 pm »
Update :

The Zentayal logs aren't very helpful with this particular issue.
I have managed to find a work-around for this, however it is still not clear to me why this is the way it is, or whether it is an oversight by the developers.

1. Login to the zentayal server and get to a shell; Switch to root user.

2. Mount the partition where u want the share to be. Setup correctly under /etc/fstab as follows. ( /u is my mountpoint for my 2nd disk  ( partitioned  /dev/sdb1 )

    /dev/sdb1 /u      ext4    errors=remount-ro,acl,user_xattr,usrquota,grpquota,acl  0       1
   
     or
 
   UUID=54fc9f7f-d13d-4649-b104-1584d4e7cd96       /u      ext4    errors=remount-ro,acl,user_xattr,usrquota,grpquota,acl  0       1

   From terminal, make the mount point, mkdir /u, then do a mount -a , to mount the disk at /u.

3. Change the ownership of the mountpoint /u to root and the group to domain users.
 
    chown root:domain\ users /u

4. Create a folder that you want to share. cd to /u
 
    mkdir Folder1

5. Change the ownership and group of the folder
 
    chown root:domain\ users Folder1
    then
    chmod 770 /u/Folder1

6. Now go to the zentayal web interface under File Sharing,. create a new share.
    Share name = Folder1
    Share Path = Select filesystem path, type in /u/Folder1.
    Comment = Whatever you like
    Tick Apply ACLS recursively.

7.  Click Add, then Save Changes, the samba module should return success, i.e share created without any errors.

8. Add an ACL for the Folder1 share.

If there is any one who can update / or contribute to clarify or define this issue,, please feel free to do so.
Perhaps someone can shed some light on how and why this issue occurs.

References I used: https://forum.zentyal.org/index.php?topic=21038.0
NOTE : I used root:domain\ users instead of ebox:ebox like mentioned in the above link.
   
   


 
« Last Edit: November 08, 2016, 09:43:52 am by nix666 »