[Samba] Samba on AIX, issues setting read-only flag on files through Windows Explorer?

Mirza Dedic mirza.dedic at outlook.com
Tue Mar 31 08:01:46 MDT 2015 

Alternatively, anyone know where I could get the binaries for latest Samba 4.x branch for AIX?

----------------------------------------
> From: mirza.dedic at outlook.com
> To: samba at lists.samba.org
> Date: Mon, 30 Mar 2015 14:05:03 -0700
> Subject: [Samba] Samba on AIX, issues setting read-only flag on files through Windows Explorer?
>
> Hello list :)
>
> I am having issues setting the "read-only" flag via Windows Explorer on my AIX Samba share and I was hoping someone out there would be able to point me into the right direction to solving this issue...
>
> I have on my AIX 7.1 system installed Samba 3.6.24 and configured, joined to our Windows domain successfully.
>
> The samba binaries I got from perzl.org/aix
>
> In my smb.conf I have...
>
> [global]
>    workgroup = WEST
>    realm = west.mydomain.com
>    netbios name = van-xxxx
>    server string =
>    load printers = no
>    admin users = "VANXX\Administrator"
>    log level = 3
>    log file = /var/log/samba/%m.log
>    max log size = 50
>    security = ADS
>    password server = dc01.west.mydomain.com, dc02.west.mydomain.com
>    encrypt passwords = yes
>    guest ok = no
>    auth methods = winbind
>    socket options = TCP_NODELAY
>    interfaces = 172.xxx.xxx.xxx/22
>    bind interfaces only = yes
>    local master = no
>    os level = 33
>    domain master = no
>    preferred master = no
>    wins support = no
>    wins server = xxx.xxx.xxx.xxx
>    wins proxy = no
>    dns proxy = no
>    idmap uid = 5000-10000000
>    idmap gid = 5000-10000000
>    template homedir = /home/%U
>    template shell = /bin/bash
>    winbind use default domain = Yes
>    winbind nested groups = Yes
>    client use spnego = yes
>    client signing = yes
>
> [usr3]
>    comment = usr3
>    path = /usr3
>    read only = No
>    inherit permissions = Yes
>    nt acl support = Yes
>    printable = No
>    guest ok = No
>    veto oplock files = /*.log/
>
> Inside /usr3 I have a folder:
> drwxrwxrwx 17 root system 12288 Mar 30 11:23 appsrv
>
> Inside the appsrv folder I have a file:
> -r-xr--r-- 1 rober usr 111 Mar 30 10:50 BradTest.p
>
> On my Windows 7 machine I can browse to \\van-xxxxx\usr3 and I can go inside the appsrv directory and open/edit the BradTest.p file, and create other files in this directory, etc...
>
> I am debugging with a single file named "BradTest.p", its permissions are as follows...
>
> # stat BradTest.p
>   File: 'BradTest.p'
>   Size: 111             Blocks: 8          IO Block: 4096   regular file
> Device: 2e0001h/3014657d        Inode: 73597       Links: 1
> Access: (0766/-rwxrw-rw-)  Uid: ( 1165/   rober)   Gid: (  100/     usr)
>
> The BradTest.p file is owned by another user "rober", which is an Active Directory user-id.
>
> If I login to a Windows 7 machine as "rober" I can browse to the above file and set the read-only flag. If I login to the Windows 7 computer as another user such as "mirte", I can edit the file but I cannot change the read-only flag I get an access denied error message.
>
> Both users belong to the "usr" group, so why can't I logged in as mirte change the read-only flag on the file owned by rober? I can "chown mirte BradTest.p" and then i can modify the read-only flag.
>
> If logged into the computer as "mirte" and creating a dummy file called "testing'txt" in the Samba share, we can see the AD to UNIX userid mapping are working fine because the file created is owned by my user-id and the "usr" group...
>
> # stat testing.txt
>   File: 'testing.txt'
>   Size: 0               Blocks: 0          IO Block: 4096   regular empty file
> Device: 2e0001h/3014657d        Inode: 74877       Links: 1
> Access: (0766/-rwxrw-rw-)  Uid: (  205/   mirte)   Gid: (  100/     usr)
>
> I can then set the read-only flag, and when I stat the file again we see..
>
> I can then right click and properties this file and set the read-only flag and we see the permission change reflected below...
>
> # stat testing.txt
>   File: 'testing.txt'
>   Size: 0               Blocks: 0          IO Block: 4096   regular empty file
> Device: 2e0001h/3014657d        Inode: 74877       Links: 1
> Access: (0544/-r-xr--r--)  Uid: (  205/   mirte)   Gid: (  100/     usr)
>
> What I need to be able to do is as another developer check out a file by setting a read-only flag on it even if it is not owned by me, this previously worked for us prior to migrating to a newer system with a newer samba build (old system had samba 3.5.8, new system has 3.6.24).
>
> I am stumped as to how I could resolve this.. anyone able to point me to the right direction?
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba

More information about the samba mailing list