[Samba] Linux Mint 21.3 client AD joined OK but no usb working
Rowland Penny
rpenny at samba.org
Sat Mar 30 09:15:37 UTC 2024
On Thu, 28 Mar 2024 19:25:33 +0000
Rowland Penny via samba <samba at lists.samba.org> wrote:
> On Thu, 28 Mar 2024 20:10:32 +0100
> Kees van Vloten via samba <samba at lists.samba.org> wrote:
>
> > A local daemon will use /etc/nsswitch.conf to lookup UIDs and
> > Winbind can supply them.
> >
> > In addition I make (domain) users member of these local groups:
> >
> > audio,video,dialout,cdrom,floppy,lpadmin,plugdev,bluetooth,netdev,pulse-access,users
> >
> > Some users also want to be member of local-groups like: libvirt,
> > kvm, docker, vboxusers
> >
> > You can do this with: usermod -a -G <group> <domain-user>, this
> > mechanism works much better than pam_group (which does not work for
> > this purpose).
>
> It worked for myself:
>
> SAMDOM\rowland at rpidc1:~ $ groups
> domain users dialout cdrom floppy audio video plugdev scanner
> BUILTIN\administrators BUILTIN\users domain admins denied rodc
> password replication group rowland testgroup
>
> It just didn't help with the problem
> >
> > I do this when a domain-user logs in and the reverse when (s)he logs
> > off with a script triggered by pam-session, a copy is already in the
> > list archive somewhere.
>
> Perhaps running a script when a usb drive is inserted might be the way
> forward, but I haven't given up on either udev or udisks2 being able
> to set the correct ownership
>
After much searching on the internet, I have now given up on this, it
has nothing to do with Samba and everything to do with udev and udisks2.
When you insert a usb drive into a Linux computer, udev and udisks2
mount it on /media/USERNAME/USBDRIVENAME, it also mounts it as
root:root with the permissions set to drwxr-xr-x, so only root can
write to the drive, but everyone can traverse and read it.
From what I can see, this cannot be automatically changed and will not
be changed in code (he who is god, systemd wise, has spoken).
Provided the drive is using a Linux filesystem (ext2 etc) then you can
change the permissions with 'chown', but you would have to do this as
root, any other filesystem, then I think you are stuck with what you
are given.
Rowland
More information about the samba
mailing list