[Samba] Problems with permissions
Dr. Harry Knitter
harry at knitter-edv-beratung.de
Sun Jan 18 03:01:13 MST 2015
Rowland Penny <rowlandpenny at googlemail.com> schrieb am 18.01.2015:
>
> Please don't send PM's, it breaks the thread, how was anybody other than
> Jeremy to know you sent it ??
This happened, becaus I got Jeremies mail by PM, too and did not take care to
send my answer to the list, too. Sorry again
@ all
my samba version is 3.6.6.6.-deb7
@ Marc Muehlfeld
Not having a samba 4 version I tried
https://wiki.samba.org/index.php/Setup_and_configure_file_shares_with_POSIX_ACLs
>
> OK, in which case, can you post your entire smb.conf
>
<smb.conf>
workgroup = mydomain.lan
server string = %h server
interfaces = eth0
bind interfaces only = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:*
%n\n *password\supdated\ssuccessfully* .
unix password sync = Yes
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
name resolve order = lmhosts host wins bcast
add user script = /usr/sbin/adduser --quiet --disabled-password --gecos
"" %u
add group script = /usr/sbin/addgroup --force-badname %g
add machine script = /usr/sbin/useradd -g machines -c "%u machine
account" -d /var/lib/samba -s /bin/false %u
logon drive = H:
domain logons = Yes
domain master = Yes
wins support = no
panic action = /usr/share/samba/panic-action %d
admin users = @ntadmin, root
os level = 64
log level = 3 smb:5
[homes]
comment = Home Directories
valid users = %S
read only = No
create mask = 0700
directory mask = 0700
browseable = No
[printers]
comment = All Printers
path = /var/spool/samba
create mask = 0700
printable = Yes
print ok = Yes
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
[public]
path = /home/ldap
read only = no
valid users = +users, root
guest ok = no
force group = users
force user = harry
create mask = 777
directory mask = 777
inherit permissions = yes
Unix premissions are set to 2777 according to
https://wiki.samba.org/index.php/Setup_and_configure_file_shares_with_POSIX_ACLs
The status quo is from the view of the Windows clients:
No full controll for neither owner group nor everyone in standard permissions.
Only special permissions:
On existing directories:
owner has full control
group has full control
everyone has full control
on existing files
owner full control and delete not set
group full control and delete not set
everyone full control and delete not set
directories created new
owner has full control
group has full control
everyone has full control
files crated new
owner full control and delete not set
group full control, search/execute, delete, change permissions, take ownership
not set
everyone same as group
New created directories have unix permissions according to directory mask.
New created files have 766 (create mask is 777).
When connecting as othe user than owner, e.g. root/Administrator.
the ownership of new directories and files is root (force user is not done).
Trying to change permissions from Windows clients shows no effect.
Hope this will help you to help me. Thanks.
Harry
--
no PMs please, I am reading the list
More information about the samba
mailing list