[Samba] Linux Mint 21.3 client AD joined OK but no usb working

Kees van Vloten keesvanvloten at gmail.com
Thu Mar 28 18:04:44 UTC 2024 

On 28-03-2024 18:53, Rowland Penny via samba wrote:
> On Thu, 28 Mar 2024 11:33:16 +0000
> Rowland Penny via samba <samba at lists.samba.org> wrote:
>
>> On Wed, 27 Mar 2024 18:13:16 +0000
>> Rowland Penny via samba <samba at lists.samba.org> wrote:
>>> Now thinking about apparmor, could this be stopping writing to the
>>> drive ?
>>>
>> No, I removed apparmor and rebooted, no different.
>>
>> Tried to format the drive, but it seems to have gone read only, so
>> used another drive and formatted that.
>>
>> When I insert the USB drive, it gets mounted on
>> /media/rowland/usbdrive1
>>
>> Checking the permissions on the path, shows this:
>>
>> rowland at devstation:~$ ls -ld /media/
>> drwxr-xr-x 4 root root 4096 Mar 27 17:15 /media/
>>
>> Anyone can traverse /media
>>
>> rowland at devstation:~$ ls -ld /media/rowland/
>> drwxr-x---+ 3 root root 4096 Mar 28 09:36 /media/rowland/
>>
>> There is an EA, so check that:
>>
>> rowland at devstation:~$ getfacl /media/rowland/
>> getfacl: Removing leading '/' from absolute path names
>> # file: media/rowland/
>> # owner: root
>> # group: root
>> user::rwx
>> user:rowland:r-x
>> group::---
>> mask::r-x
>> other::---
>>
>> Only 'root', members of the 'root' group and 'rowland' can traverse
>> /media/rowland
>>
>> rowland at devstation:~$ ls -ld /media/rowland/usbdrive1/
>> drwxr-xr-x 3 root root 4096 Mar 28 09:32 /media/rowland/usbdrive1/
>>
>> So 'rowland' can traverse to the 'usbdrive1' directory, but only
>> 'root' can write to it.
>>
>> WHY ??????????
>>
>> It mounts the drive in a directory named after the user, it allows the
>> user to get to the drive, but then denies the user the ability to
>> write to the drive.
>>
>> Off to find out just what 'mounts' the drive and how.
>>
>> Rowland
>>
> It seems that it is udev and udisks2 that automatically mount the USB
> drive after it is plugged into a USB port.
> The problem is I stated earlier, whilst it is mounted under a directory
> with the users name, it is mounted rwx for root and r-x for the user
> (others), which, if you think about it, is probably correct for a
> removable drive. Whilst the user may have one ID on a computer, they
> may have another ID on a different computer.
> The only cure I can find is to change the owner of the USB drives
> directory, e.g. chown rowland /media/rowland/usbdrive1
>
> Rowland

I did not read the whole thread back, so perhaps this is long obvious...

If the user is a domain-user and the same id-mapping is used everywhere, 
it should get the same UID/GID everywhere...


>

More information about the samba mailing list