Univention Bugzilla – Bug 35137
Files on Samba 4.x shares not executable any longer without explicit "executable" permission
Last modified: 2014-07-10 13:35:21 CEST
+++ This bug was initially created as a clone of Bug #33785 +++ Samba 3.6 and earlier allowed open for execution when execute permissions are not present on a file. This has been fixed in Samba 4.0. This change caused an issue e.g. on Ticket#: 2013072221002032. Starting with Samba 4.0.10 there is a new share option "acl allow execute always", which instructs smbd to skip the execute bit from the ACL check, re-establishing the old behaviour in this case. Maybe we should make this configurable per share.
Added samba/acl/allow/execute/always (default yes) to univention-samba4 to configure samba option "acl allow execute always" (global). YAML: 2014-06-17-univention-samba4.yaml
Verified: * UCR variable is documented and set on update * smb.conf template default is yes * A user logged on to a windows client can execute files without x-bit * setting the variable to no restores the old behaviour * Advisory ok
http://errata.univention.de/ucs/3.2/142.html