[Samba] The way things used to work...

Dragan Lukic ldrax at panline.net
Thu Feb 19 16:31:53 GMT 2009 

Hello Dale,

I must say, your answer pushed me into more testing, and although it was not 
exactly answer that is visible in my solution, testing around your proposal 
finally got me where I wanted to be.

Now to describe my steps:
-1. Change mod for shared directory and it's all existing contents to 755 via 
file manager (Dolphin)
-2. Changed permissions on shared directory and assigned GID also via file 
manager
-3. Started smb service

smb.conf that does it all is bellow:
#======================= Global Settings =====================================
[global]
   workgroup = FOO
   server string = FOO
   security = share
   hosts allow = 192.168.125. 127.0.0.
   log file = /etc/samba/log/%m.log
   local master = yes
#============================ Share Definitions ==============================
[Share]
    path = /home/foobar/Documents/Share
    create mask = 0777
    force create mode = 0777
    directory mask = 0777
    force directory mode = 0777
    public = yes
    writable = yes


Now to elaborate :-)

First step is self explanatory, directory on file system must have sufficient 
permissions.
Second step is just for fixing group ownership for pasted files, and now all 
files are owned by nobody:localgroup although all are rwxrwxrwx
And third step (you will notice a bit modified conf) was to load that conf 
file.

Now, while testing all that comes to mind, I can relay this "debugging" info:
- Assigning UID along with (or later on) GID on shared directory via file 
manager does not work as GID, so ownership in that case is not 
localuser:localgroup but nobody:localgroup, thus preventing local user of 
changing pasted/shared files locally. fixed with 0777 permissions for create 
mode&mask.
- No files can be changed via samba, ie. cant open .odt file via samba at all, 
or even if possible, no changes can be saved, even if save as dialog is used 
and pointed to the same file on share. 0777 permissions for create mode&mask 
helped with all but any files that are opened with OOO
- There was ALWAYS error on first paste to shared dir via samba, while 
overwrite of existing file worked fine. That was resolved with 0777 
permissions for create mode&mask.
- if inherit owner = yes is omitted, there is no error, but I get back to 
nobody:localgroup ownership, and again  files can't be changed, also resolved 
with 0777 permissions for create mode&mask.
- since I have played at home, both remote and local user are the same, so I 
get good results, but I am still not sure will that inherit owner option work 
as I see now, or it will create file with remoteuser:localgroup permissions
- any usage of force user&group instructions will bring following error 
message: An error occurred while loading smb://hostname/Share:
The file or folder smb://hostname/Share does not exist

So, while it is against all decent Linux usage, granting 0777 permissions 
through smb.conf produces result that I needed.
In this way I can get behind forcing/inheriting owner and group, and local 
user can change files from local filesystem.
Now also txt files can be edited via samba, but not files that are opened by 
OpenOffice, so I guess that issue is within OOO.

So much hassle just to apply "normal" Linux usage and permissions.

It is still not so elegant solution, as smb.conf that I started with was, but 
if it is working, I am happy :-).

P.S. I guess that 0666 for create mode&mask instead 0777 would also work, but 
that number just look odd ;-)

Once again, many thanks to you all. If sometimes later on becomes possible to 
enforce user and group (that is true to produce "does not exist" error), as it 
was on older versions, I would be more than happy to use it again. Giving 777 
permissions just does not feel right.


On Wednesday, 18. February 2009. 17:25:43 you wrote:
> Dragan,
>
> I have reread your original post, and it sounds as if you have
> everything working except for user/group ownership of files created by
> Samba.
> The following steps have worked for me with security = user.  I do not
> know if they will work for security = share.
>
> chmod 2755 /home/foobar/Documents/Share (and to any existing
> subdirectories, if any)
>
> In [Share], change the following
>     directory mask = 2755
>     force directory mode = 2755
>
> add to [Share]
>     inherit owner = Yes
>
> Also, in [global], the current syntax is
>     security = share
> not
>     Server security = share
>
> See if this might work for you.
>
> Dale



-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 489 bytes
Desc: This is a digitally signed message part.
Url : http://lists.samba.org/archive/samba/attachments/20090219/85a44fc5/attachment.bin

More information about the samba mailing list