On Mar 22, 2011, at 12:04 PM, Christopher Hearn wrote:
> We're starting to get into more fine grained ACLs with our OS X file server, and I'm trying to take any standard POSIX permissions out of the equation to eliminate confusion. On all files & directories from the share point & below, everything is owned by root:wheel & permissions are set to "chmod 750". I'm managing ACLs via Server Admin, and I have two basic groups, one with read only access & one with read/write. I'm using the default "read only" & "read/write" permission set in Server Admin & everything is propagated down into the share.
>
> What I'm finding is that this setup is working well for Windows users (Windows respects the ACL), but I'm getting mixed results for Mac users that use AFP (sometimes it works, sometimes it doesn't). I'm not able to see anything useful in the error logs as to why this might be. I'm wondering if anyone else has had experience with AFP not using the ACLs.
What applications are the users using? Can you correlate the issues with a particular application(s)?
The most common issue I've ran into is where the work flow needs a permission inherited at some point but the file moves with in a share point. ACLs are only applied at the time of file/folder creation.
I have found it much easier to use full control ACEs instead of r/w ones, but YMV and you needs may differ from mine.
Be prepared, you will likely be requested to define what "not works" means in a more precise manner.
-Warren
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
