[Samba] Help pls. -- Samba permission question
J Gao
jgao at veecall.com
Wed Dec 12 15:18:45 MST 2012
On 12-12-12 12:52 PM, Gary Dale wrote:
> On 12/12/12 02:07 PM, J Gao wrote:
>> Thank you Gary for the help.
>>
>>
>> On 12-12-12 09:45 AM, Gary Dale wrote:
>>> If you want the CIFS permissions to be set correctly, use the Samba/CIFS
>>> tools to set them (ie. set them from the client. Don't set them using
>>> Unix permissions on the server).
>>
>> I don't know if I'm doing it correct. I'm using a bash script to help
>> user mount the CIFS share like this:
>>
>> sudo mount.cifs //fileserver/management/ ${HOME}/fileserver/management
>> -o user=${USER},password=$userPass,uid=$UID,rw,mand
>>
>> Could you give me an example on using Samba/CIFS tools?
> That line mounts the share using the credentials you gave it but that
> doesn't set the permissions. If you right-click on the share's folder,
> you should be able to set the CIFS permissions.
>
>
OK, right-click in natilus works. But how can I set this up by default.
I mean once the share mounted, it will set the correct permission to 770
if the user copy files on the share?
I read man page for the cifs.mount but I couldn't figure it out myself.
Here are more info:
1. The management group has gid=1018 on the server.
2. Once the share mounted on the Ubuntu client, the share's group ID set
to numeric 1018. (there isn't a local gid 1018)
3. When copy a file, for example:
-rwxr--r-- 1 gao gao 14429 Nov 20 09:56 test
to the mounted share, the permission appears to be:
-rwxrwxr-- 1 gao 1018 14429 Nov 20 09:56 test
And I check it on the Samba server:
-rwxrwxr-- 1 gao management 14429 Nov 20 09:56 test
So the permission changed to 774, not 770. I think somehow it combined
the permission here.
Just like you said, I can change it to 770 from the right-click. But I
prefer to do it automatically.
Please help.
Thanks a lot.
Gao
>>
>>
>>
>>>
>>> Your example shows you setting the group to managegroup but your
>>> smb.conf forces the group to management. Which is it?
>>
>> my typo. I want make clear so I change the group name to managegroup.
>> The actual group name it the same "managment" which I think may cause
>> confusion when I post my question. Sorry.
>>
>> Bets Regards.
>>
>> Gao
> So is your user a member of management? Rather than forcing the group to
> management, you could just add members to the group.
>
> Also, when you set the Unix ownership and permissions too tightly, you
> may prevent Samba from accessing the share properly. Since the share
> directories and files are to be accessed only through CIFS/Samba, the
> Unix permissions can and should be very loose. My shares all have Unix
> permissions with everyone having rwx access.
>
>
>>
>>
>>>
>>> The last line in your server commands I believe should be chmod, not
>>> chowm.
>>>
>>>
>>> On 12/12/12 12:21 PM, J Gao wrote:
>>>> Hi, All,
>>>>
>>>> I'm having a problem with my samba server(v3.6.9) setup. I have a
>>>> share on the server:
>>>>
>>>> #cd /
>>>> #mkdir managment
>>>> #chown -R root:managegroup management
>>>> #chowm -R 2770 management
>>>>
>>>> When I test this I found out:
>>>> the managegroup member can create new file/dir with the correct
>>>> permission: -rwxrws--- or drwxrws---
>>>>
>>>> BUT, when the client copy a file or dir to the share from his local
>>>> drive, then some file/dir will have different the permission when it
>>>> coiped to the Samba share. (for example, drwxrwxr-x)
>>>>
>>>> We have both Windows and Ubuntu client. Ubuntu client use cifs.mount
>>>> to access the Samba share.
>>>>
>>>> Here is my smb.conf file. Please help me. All I want is when and file
>>>> and/or dir end up on the samba share, it should have 770 permission.
>>>>
>>>> Thanks.
>>>>
>>>> Gao
>>>>
>>>>
>>>> my smb.conf:
>>>> ============================================
>>>> [global]
>>>> workgroup = WORKGROUP
>>>> server string = My File Server
>>>> interfaces = lo bond0 192.168.1.2/24
>>>> hosts allow = 127. 192.168.1.
>>>> log file = /var/log/samba/log.%m
>>>> max log size = 1000
>>>> security = user
>>>> passdb backend = tdbsam
>>>> guest account = nobody
>>>> map to guest = Bad User
>>>> wins support = yes
>>>> dns proxy = no
>>>> map acl inherit = yes
>>>> nt acl support = yes
>>>> load printers = no
>>>> printing = bsd
>>>> printcap name = /dev/null
>>>> disable spoolss = yes
>>>> create mask = 0770
>>>> force security mode = 0770
>>>> force create mode = 0770
>>>> directory mask = 0770
>>>> force directory mode = 0770
>>>>
>>>> [Management]
>>>> comment =
>>>> path = /management
>>>> browsable = yes
>>>> public = no
>>>> writable = yes
>>>> read only = no
>>>> force group = management
>>>> valid users = @management
>>>>
>>>> ========================================
>>>>
>>>
>>
>>
>
--
More information about the samba
mailing list