Skip to main content

Windows Access Control Lists

These options control how Fusion File Share stores Windows Access Control Lists (ACLs).

The supported methods are:

  • xattr[:<variant>]

    Save ACLs in a dedicated extended attribute. Optional argument <variant> specifies the name of the extended attribute and the format to use in saving the ACLs:

    • ‘raw’ – Self-relative security descriptor in Fusion File Share-specific extended attribute “user.tsmb.$sd” (default)
    • ‘v3’ – Samba-compatible extended attribute “security.NTACL” without duplication in POSIX ACL

  • native

    Save ACLs natively in file system (for NTFS or private VFS module with corresponding support)

  • posix-acl[:<option>]

    Convert Windows ACLs to POSIX ACLs using a best effort mapping. Optional argument <option> allows modifying the utilized mapping:

    • ‘map_full_control’ – map POSIX ”rwx” to ”Full Control” permission set

Default:

map_acls = xattr:raw