KazuyaDarklight
Dabbler
- Joined
- May 8, 2019
- Messages
- 36
TLDR; Last paragraph for what I'm asking.
So I want some thoughts on this. We aren't entirely sure how the user caused this to happen but they are on a Mac so I'm inclined to at least partially blame that since, even though they've depricated in favor of SMB, its always the Macs that seem to cause permissions issues.
They have a folder shared to them over SMB "suddenly" some of the folders/files in it disappeared and on investigation, even more of them were invisible to us in IT (we are supposed to have inherited full access).
We were able to find the folders on the server via Shell, but somehow their permissions were incorrect, getfacl shows that for the files the user couldn't see, they were the only person in the ACL and they had write but not read and some of the other permissions, whereas the ones he could see but we could not, again had him as the only person but he at least had the permissions needed to see the files/folders. On the fully working folders the ACLs were appropriately complex with the permissions for the various accessing groups, including IT, listed.
We were able to "fix" the issue here by copying the folders in shell, the copied versions gained the correct inherited ACLs and were fine and then we could remove the bad copy. But when working with an SMB share like this, is there a "better" way to fix the permissions on files when we can't actually see them via windows client? I know, now, that chmod is disabled. Since we had good folders, is there an easy way to copy ACLs from one to another, recursively to get its contents too? Is there a way to at least fix the ACLs enough that the folder would have shown up in SMB so we could do the further fixing from there
So I want some thoughts on this. We aren't entirely sure how the user caused this to happen but they are on a Mac so I'm inclined to at least partially blame that since, even though they've depricated in favor of SMB, its always the Macs that seem to cause permissions issues.
They have a folder shared to them over SMB "suddenly" some of the folders/files in it disappeared and on investigation, even more of them were invisible to us in IT (we are supposed to have inherited full access).
We were able to find the folders on the server via Shell, but somehow their permissions were incorrect, getfacl shows that for the files the user couldn't see, they were the only person in the ACL and they had write but not read and some of the other permissions, whereas the ones he could see but we could not, again had him as the only person but he at least had the permissions needed to see the files/folders. On the fully working folders the ACLs were appropriately complex with the permissions for the various accessing groups, including IT, listed.
We were able to "fix" the issue here by copying the folders in shell, the copied versions gained the correct inherited ACLs and were fine and then we could remove the bad copy. But when working with an SMB share like this, is there a "better" way to fix the permissions on files when we can't actually see them via windows client? I know, now, that chmod is disabled. Since we had good folders, is there an easy way to copy ACLs from one to another, recursively to get its contents too? Is there a way to at least fix the ACLs enough that the folder would have shown up in SMB so we could do the further fixing from there
Last edited:
