[Samba] Need help with share permissions

Andreas Oster aoster at novanetwork.de
Sat Oct 6 00:43:05 MDT 2012 

Am 05.10.2012 21:11, schrieb Jeremy Allison:
> Hmmm. The :
> 
> force directory mode = 0770
> directory mask = 0770
> 
> setting should do the trick. Are you also storing
> the DOS attributes in EA's ? You probably also
> need that to prevent UNIX permission modification.
> 
> Try adding:
> 
>    store dos attributes = yes
>    map readonly = no
>    map system = no
>    map hidden = no
>    map archive = no
> 
> and re-test creating a new directory.
> 
> Jeremy.
> -- To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
Hello Jeremy,

thank you for your reply. Unfortunately these settings did not help.
Directories still will have 0750 permission and now this does not change
to 0770 when doing a renaming. Files will now be created with 0640
instead of 0660.

Here the output of testparm :

[global]
        workgroup = MYDOM
        realm = MYDOM.DE
        server string = %h server (Samba, Ubuntu)
        security = ADS
        map to guest = Bad User
        obey pam restrictions = Yes
        syslog = 0
        log file = /var/log/samba/log.%m
        max log size = 1000
        max protocol = SMB2
        printcap name = cups
        dns proxy = No
        wins support = Yes
        panic action = /usr/share/samba/panic-action %d
        template homedir = /shares/homes/%U
        template shell = /bin/sh
        winbind cache time = 10
        winbind enum users = Yes
        winbind enum groups = Yes
        winbind use default domain = Yes
        winbind refresh tickets = Yes
        winbind offline logon = Yes
        idmap config *:range = 10000-20000
        idmap config MYDOM:range = 10000-20000
        idmap config MYDOM:backend = rid
        idmap config * : backend = tdb
        use client driver = Yes
        map archive = No
        map readonly = no
        store dos attributes = Yes

[homes]
        comment = Home Directories
        valid users = %S
        write list = %S, "+MYDOM\Domain Admins"
        force group = "MYDOM\Domain Users"
        create mask = 0770
        directory mask = 0770
        browseable = No

[printers]
        comment = All Printers
        path = /var/spool/samba
        create mask = 0700
        guest ok = Yes
        printable = Yes
        print ok = Yes
        browseable = No

[print$]
        comment = Printer Drivers
        path = /var/lib/samba/printers

[Pictures]
        comment = Pictures auf TICKSMB3
        path = /shares/pictures
        valid users = +MYDOM\Pictures, "+MYDOM\Domain Admins"
        force group = "MYDOM\Pictures"
        read only = No
        create mask = 0660
        force create mode = 0660
        directory mask = 0770
        force directory mode = 0770

Thank you for your kind help.

best regards

Andreas

More information about the samba mailing list