Using the acl xattr VFS Module

From SambaWiki
Jump to: navigation, search

Introduction

The acl_xattr Virtual File System (VFS) module enables you to use the fine-granular Windows Access Control Lists (ACL) on a share. For further details, see Setting up a Share Using Windows ACLs.

Samba stores the Windows ACLs in the security.NTACL extended attribute of a file or directory. Therefore, the file system of the share must support extended attributes. For details, see your operating system's and file system's documentation.



Enabling the acl_xattr Module

You can enable the acl_xattr module either globally in the the [global] section or for individual shares in the share's section. To enable the module:

  • Edit your smb.conf file. Depending on where to enable the module, add the following entry either to the [global] or to the share's section:
vfs objects = acl_xattr
  • Reload the Samba configuration:
# smbcontrol all reload-config



Additional Resources

For additional information, see the vfs_acl_xattr man page.