[Samba] File permission problems after update from Samba 4 alpha 17 to Samba 4.0.5
X-Dimension
x-dimension at gmx.net
Sun Oct 20 11:48:11 MDT 2013
For what reason did you stay at NTVFS? Did you also tried to switch to S3FS?
I did some short tests today and created a new share named "Testing".
I created some folders and some subfolders as administrator on it.
The strange thing is, that a domain user can now rename the parent
folder, but not it's sub folders
or the files in these folders.
After this i switched to S3FS, and get the same results when trying to
rename the folders or files,
that i created with NTVFS before.
But if i create new folders with S3FS as administrator, everything works
fine and users can rename
or remove all folders, sub folders and files now.
Thats why i think it could be a better solution for me to switch to
S3FS, backup all existing Files, create
a new folder structure and copy all files back, that they get the S3FS
ACL attibutes.
But i don't know if i run into other problems when switching to S3FS and
going back again to NTVFS
is not so easy.
Am 17.10.2013 14:04, schrieb jef peeraer:
> i tested it on my installation and that worked out of the box. I must
> say i specified Administrator instead of Domain Users in the AD.
>
> jef
>
> Op 10/16/2013 10:52 PM, X-Dimension schreef:
>> Hi Jef!
>>
>> I have set xattr and acl in /etc/fstab since Samba4 alpha 17.
>> When i set all permissions to 0777 and also directory mask = 0777 and
>> create mask = 0777 for all shares
>> in /etc/smb.conf i get this behavior:
>>
>> 1. Login as administrator
>> - create a folder "test"
>> - create a file "text.txt" in the folder "test"
>>
>> 2. Login as user
>> - rename or delete the file "text.txt" works fine now! :)
>> - rename or delete the folder "test" still don't work :-(
>>
>> getfacl shows:
>>
>> getfacl Test/
>> # file: Test/
>> # owner: root
>> # group: users
>> user::rwx
>> group::rwx
>> other::rwx
>>
>> On the Windows side the group "Domain Users" has full access to the
>> folder "Test".
>>
>> Any other ideas, to fix my ACL problem?
>>
>> Am 15.10.2013 00:10, schrieb jef peeraer:
>>> i am also using samba 4.x.x with NTVFS, and experienced the same
>>> problems. Solved it with setting all directory permissions to 0777,
>>> and also
>>>
>>> directory mask = 0777
>>> create mask = 0777
>>>
>>> I know it looks terrible, but it works. NTVFS still has a lot of
>>> mysteries for me and doesn't get a lot of attention in the
>>> newsgroup....
>>> I suppose you already enabled xattr and acl in the file system.
>>>
>>> Jef Peeraer
>>>
>>> Op 10/14/2013 02:57 PM, X-Dimension schreef:
>>>> We had used Samba alpha 17 (included in Resara Server 1.2) for a long
>>>> time and
>>>> has now migrate it to Samba 4.0.5 (Ubuntu + Zentyal 3.0 PPA) with
>>>> NTVFS
>>>> enabled .
>>>>
>>>> Most things seems to work: DNS with Bind9_DLZ, domain join, user login
>>>> and also GPO are still working fine :)
>>>> But we have trouble with file permissions now!
>>>> All domain users can't rename or delete their own files which they had
>>>> created with Samba 4 alpha 17 before.
>>>> It looks like they only had 'read only' access to their files.
>>>> For example when the user peter at mydomain wants to rename/delete a file
>>>> he had created before, then he
>>>> gets an error message like "only peter at mydomain can rename this
>>>> file" or
>>>> "file is locked by peter at mydomain".
>>>>
>>>> Our global section of /etc/samba/smb.conf looks like this:
>>>> --
>>>> [global]
>>>> interfaces = eth0
>>>> workgroup = MYDOMAIN
>>>> realm = mydomain.lan
>>>> netbios name = PDC
>>>> server string = PDC
>>>> server role = active directory domain controller
>>>> passdb backend = samba4
>>>> server services = rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
>>>> winbind, ntp_signd, kcc, dnsupdate, smb
>>>> dcerpc endpoint servers = epmapper, wkssvc, rpcecho, samr,
>>>> netlogon, lsarpc, spoolss, drsuapi, dssetup, unixinfo, browser,
>>>> eventlog6, backupkey, dnsserver, winreg, srvsvc
>>>> --
>>>> Because Samba 4 alpha 17 was using NTVFS, i thought it is the best
>>>> idea
>>>> to stay on NTVFS even on Samba 4.0.5.
>>>> But it looks, like i was wrong.
>>>>
>>>> Thanks for any ideas that helps us to fix our permission problem.
>>>>
More information about the samba
mailing list