file creatation rights issue
jason bigler
jason_bigler at yahoo.com
Wed Feb 1 20:51:07 GMT 2006
I am having an issue with file creatation ownership
rights with my samba public shares.
When an authenticated user (ADS - via krb5&ldap)
creates a file on the public share the defualt
ownership rights are as follows,
samba\root <full control>
Everyone <read>
samba\Domain Users <read,write>
the authenticated user him/her self should be the
owner however everyfile is created with the samba\root
as the owner.
What I find intersting is the file ownership is
correct on the home shares.
Where have I gone wrong?
completely stumped,
jason
p.s. Here is my configs for smb.conf and the pam samba
module
{smb.conf}
Realm = DOMAIN.COM
SECURITY = ADS
log level = 3
log file = /var/log/samba/%m
idmap backend = ad
encrypt passwords = yes
ldap admin dn =
cn=bindusername,dc=domain,dc=com
dns proxy = no
wins proxy = no
wins server = servername.domain.com
obey pam restrictions = yes
[share]
comment = local file share
path = /var/share/files
valid users = %U
admin users = @IT
read only = no
create mode = 0774
directory mode = 0775
[home]
comment = users home share
path = /home/%U
valid users = %U
read only = no
root preexec = /root/scripts/mkhomedir.sh %U
{samba pam module}
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_env.so
auth sufficient /lib/security/pam_krb5.so
auth sufficient /lib/security/pam_unix.so
nullok try_first_pass
auth required /lib/security/pam_deny.so
account sufficient /lib/security/pam_krb5.so
account required /lib/security/pam_unix.so
password required /lib/security/pam_cracklib.so
retry=3
password required /lib/security/pam_krb5.so
use_first_pass use_authtok
password required /lib/security/pam_unix.so
nullok use_first_pass use_authtok md5
password required /lib/security/pam_deny.so
session sufficient /lib/security/pam_krb5.so
session required /lib/security/pam_limits.s
More information about the samba-technical
mailing list