files in cifs mounted share are always created universal rw

steve steve at steve-ss.com
Sun Feb 3 00:54:42 MST 2013 

Hi everyone.

Whenever a file is created in a cifs mounted share from samba 4.0.3 git 
on a Linux client, it is always created with universal rw no matter what 
permissions and acl are set on the underlying ext4 file system.

I posted the details on the samba list but got no hits. Can anyone here 
help?

Here is a copy of the post:

I have these shares in smb.conf:
[home2]
         path = /home2
         read only = No
[home]
         path = /home2/home
         read only = No

I mount [home] on a Linux client like this:
mount -t cifs //hh1/home2 /home2 -osec=krb5,rw,multiuser

Here is the output of the mount command:

//hh1/home2 on /home2 type cifs 
(rw,relatime,vers=1.0,sec=krb5,cache=loose,unc=\\hh1\home2,multiuser,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.1.2,unix,posixpaths,serverino,acl,noperm,rsize=1048576,wsize=65536,actimeo=1)

Here are the acl's on the relevant directories:

getfacl /home2
getfacl: Removing leading '/' from absolute path names
# file: home2
# owner: root
# group: root
user::rwx
group::r-x
other::r-x

getfacl /home2/home
getfacl: Removing leading '/' from absolute path names
# file: home2/home
# owner: root
# group: root
user::rwx
group::r-x
other::r-x

getfacl /home2/home/steve2
getfacl: Removing leading '/' from absolute path names
# file: home2/home/steve2
# owner: steve2
# group: Domain\040Users
user::rwx
group::r-x
other::r-x

Now, if steve2 logs in and creates a file on the cifs mounted share on 
the client:
steve2 at hh10:~> touch s2.txt

it is created with universal read write access:
steve2 at hh10:~> ls -l s2.txt
-rwxrwxrwx+ 1 steve2 Domain Users 0 Feb  1 12:08 s2.txt

getfacl s2.txt
# file: s2.txt
# owner: steve2
# group: Domain\040Users
user::rwx
user:steve2:rwx
group::rwx
group:Domain\040Users:rwx
mask::rwx
other::rwx

If I log into the fileserver as steve2 (I.e. when it's not mounted), it 
works fine and files are created as expected:
-rw-r--r--   1 steve2 Domain Users    0 Feb  1 11:52 s3.txt

Question:

Why does the cifs mounted share always create files with universal rw?
What can I do to correct this?

Cheers,
Steve

More information about the samba-technical mailing list