[Samba] Permission issue writing to demo share
Rowland Penny
rowlandpenny at googlemail.com
Fri Jun 27 11:22:41 MDT 2014
On 27/06/14 18:17, Lars Hanke wrote:
> Am 27.06.2014 19:03, schrieb Rowland Penny:
>> On 27/06/14 18:00, Lars Hanke wrote:
>>>>> [Demo]
>>>>> path = /srv/files/shares/Demo
>>>>> read only = no
>>> I think to remember that it is not required for file share users to
>>> have login permission to the file server. Am I wrong?
>> Do you have any unix users, if not, then no, but you still need 'acl'
>
> I have much more unix users than Win users and I'm currently trying to
> figure out how to set up the new infrastructure. Dropping NFS is at
> least an option - has pros and cons as all other options as well.
>
> About the ACL stuff:
>
> getfacl /srv/files/shares/Demo/
> getfacl: Removing leading '/' from absolute path names
> # file: srv/files/shares/Demo/
> # owner: root
> # group: root
> user::rwx
> group::r-x
> other::r-x
>
> But from a POSIX perspective AD\Administrator = 3000000 should have
> been denied writing as well according to those ACL.
>
> root at samba:/# ls -la /srv/files/shares/Demo
> total 8
> drwxr-xr-x 2 root root 35 Jun 27 14:24 .
> drwxr-xr-x 3 root root 17 Jun 13 13:19 ..
> -rwxrwxr-x+ 1 3000000 users 32 Jun 27 14:24 Erstellt von Admin.txt
>
> So, if this is an ACL or NSS issue, this at least doesn't explain itself.
>
> Regards,
> - lars.
>
OK, this is the top of nsswitch.conf on my AD DC:
passwd: compat winbind
group: compat winbind
And when I run ' getent passwd Administrator'
DOMAIN\Administrator:*:0:10000::/home/Administrator:/bin/bash
Hmm userid '0' I wonder who he is???
Rowland
More information about the samba
mailing list