Visibility beyond an IRF not working as expected.

  • 7004805
  • 05-Nov-2009
  • 27-Apr-2012


Novell Open Enterprise Server 2 (OES 2) Linux


A user can not see a directory he has received rights to when that directory is beyond a directory with a full blocking Inherited Rights Filter, when he also has a trustee assignment to the parent directory of the directory with the IRF.

For instance:DATA:
     └───DIR01               => USER01 received RF
         └───SUBDIR          => IRF that blocks all rights is set
             └───SUBSUBDIR   => USER01 received RF

After that, that user can not browse to SUBSUBDIR.
With the files stored on Novell NetWare 6.5, this works fine. When the directories are stored on Novell Open Enterprise Server 2 Linux, you can not see any files or folders beyond SUBDIR or even that folder.

The rights command shows:Effective Rights
        File: /media/nss/DATA/userdata/DIR01/SUBDIR/
        User: .USER01.Novell.DA.
So the visibility right is present, non the less it does not seem to flow back up.

The phenomena is also seen when the path between the initial folder and the deepest level where the user received rights is longer, as long as there is a IRF between them the user can only browse untill the folder with the IRF, but can not see it.
The only workaround is to deactivate the "File Scan" filter in the IRF.


This issue has been addressed in the Open Enterprise Server Scheduled Maintenance 20100130 Patch.
A Fully Patched OES2SP1 and OES2SP2 server should not demonstrate these phenomena.