[Samba] Share access permission errors after upgrade from 4.12.14
unraidster
unraidster at protonmail.com
Tue Jan 16 23:28:24 UTC 2024
On Tuesday, 16 January 2024 at 09:46, Rowland Penny via samba <samba at lists.samba.org> wrote:
> As far as I can see, unraid is based on slackware, so it should work.
> Is it possible to check the ownership & permissions set on
> /mnt/user/PrivateShare ?
>
> Is either apparmor or selinux running ?
>
> Rowland
Thanks for the reply, I have included some responses below:
The permissions set to /mnt/user/PrivateShare is:
drwxrwx---+ 1 ur_admin ur-lab_access 4.0K May 24 2023 PrivateShare/
There is an ACL set on that folder too:
getfacl: Removing leading '/' from absolute path names
# file: mnt/user/PrivateShare/
# owner: ur_admin
# group: ur-lab_access
user::rwx
user:ur-lab_access:rwx
user:ur-lab-privateshare-ro:r-x
user:ur-lab-privateshare-rw:rwx
group::rwx
group:ur_admin:rwx
group:ur-lab_access:rwx
group:ur-lab-privateshare-ro:r-x
group:ur-lab-privateshare-rw:rwx
mask::rwx
other::---
default:user::rwx
default:user:ur_admin:rwx
default:user:ur-lab-privateshare-ro:r-x
default:user:ur-lab-privateshare-rw:rwx
default:group::---
default:group:ur_admin:rwx
default:group:ur-lab_access:---
default:group:ur-lab-privateshare-ro:r-x
default:group:ur-lab-privateshare-rw:rwx
default:mask::rwx
default:other::---
The rwuser is a member of the ur-lab-privateshare-rw group. I noticed that there are two groups (ur-lab-privateshare-ro and ur-lab-privateshare-rw) setup with a user and a group permission in the ACL. I retested after removing both groups' user permission (leaving the intended group ACL entry for each group) and still received the same error. The non-updated-IDMAP configuration I started the thread with did not have a duplicate user ACL for the groups and therefore I suspect it isn’t contributing to this issue.
apparmor: I tried the following commands to see if apparmor was enabled:
cat /sys/module/apparmor/parameters/enabled
sudo apparmor_status
Neither returned a result.
Selinux: I tried the following commands to see if selinux was enabled:
sudo getenforce
sudo sestatus
Neither returned a result.
Therefore, I suspect that apparmor and selinux are not installed/enabled.
Best Regards,
Unraidster
More information about the samba
mailing list