1 <samba:parameter name="acl group control"
4 xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
7 In a POSIX filesystem, only the owner of a file or directory and the superuser can modify the permissions
8 and ACLs on a file. If this parameter is set, then Samba overrides this restriction, and also allows the
9 <emphasis>primary group owner</emphasis> of a file or directory to modify the permissions and ACLs
13 On a Windows server, groups may be the owner of a file or directory - thus allowing anyone in
14 that group to modify the permissions on it. This allows the delegation of security controls
15 on a point in the filesystem to the group owner of a directory and anything below it also owned
16 by that group. This means there are multiple people with permissions to modify ACLs on a file
17 or directory, easing manageability.
20 This parameter allows Samba to also permit delegation of the control over a point in the exported
21 directory hierarchy in much the same way as Windows. This allows all members of a UNIX group to
22 control the permissions on a file or directory they have group ownership on.
26 This parameter is best used with the <smbconfoption name="inherit owner"/> option and also
27 on a share containing directories with the UNIX <emphasis>setgid bit</emphasis> set
28 on them, which causes new files and directories created within it to inherit the group
29 ownership from the containing directory.
33 This is parameter has been was deprecated in Samba 3.0.23, but re-activated in
34 Samba 3.0.31 and above, as it now only controls permission changes if the user
35 is in the owning primary group. It is now no longer equivalent to the
36 <parameter moreinfo="none">dos filemode</parameter> option.
41 <related>inherit owner</related>
42 <related>inherit permissions</related>
44 <value type="default">no</value>