Problems with SAMBA and setting of Group ID bit

Drew.Zeller at statcan.ca Drew.Zeller at statcan.ca
Tue Oct 30 10:23:13 GMT 2001


> Hi, 
> 
> I have SAMBA 2.2.2 running on a HP-UX 11.00 server, using the JFS 3.3 with
> POSIX ACL support for the Unix file systems. 
> 
> The problem that I am hitting seems to occur when I create a directory
> under a share with the SAMBA inherit permissions option set, and the root
> level of the share directory has the group bit id set.  If a user creates
> a directory under the share and is not a member of the group assigned to
> the directories root level (but has access through an ACL), the new
> sub-directory is created with the appropriate user and group set, and with
> the appropriate permissions, except the group id bit is not set, thus if
> another directory or file is created in the previous directory, the wrong
> group is assigned.
> 
> For example, the directory /home has the following settings 
> drwxrwsr-t+ 11 root       group1        1024 Oct 29 15:00 home
> 
> and is shared out as a samba share called test with the inherit
> permissions value set to yes.  If a user (who is not a member of group1,
> but has a primary group of group2) creates a directory (say test2) under
> the test share, the directory created will have the following setting :
> drwxrwxr-t+  3 zelldre    group1          96 Oct 29 16:07 test2
> 
> As you can see, the "s" representing the group id bit has not been carried
> over.  Now if the same user as above creates a sub-directory under the
> test2 directory (called test3) the following are the directory values set
> :
> drwxrwxr-t+  2 zelldre    group2              96 Oct 29 16:07 test3
> 
> This problem does not occur if the user is a member of the group assigned
> to the root level of the directory created.
> 
> Does anyone have any ideas?
> 
> Thanks.
> 
> Here is a copy of my smb.conf file :
> #
> #======================= Global Settings
> =====================================
> #
> 
> [global]
> 
>    workgroup = NAEDNET
>    server string = Test
>    debug level = 0
> 
> ;-------------------
> ; Validation
> ;-------------------
>    guest account = nobody
>    security = domain
>    password server = iead-pdc iea05
>    encrypt passwords = yes
>    public = no
> 
> ;-------------------
> ; Printers
> ;-------------------
>    load printers = no
>    printable = no
> ;  printcap name = lpstat
> ;  printing = bsd
> 
> ;-------------------
> ; Log Files
> ;-------------------
>    log file = /usr/local/samba/var/log.%m
>    max log size = 50
> 
> ;-------------------
> ; Tuning
> ;-------------------
> ;  socket options = TCP_NODELAY
>    dead time = 15
>    read prediction = true
> 
> ;-------------------
> ; Master Browser
> ;-------------------
>    local master = no
> ;  os level = 33
>    domain master = no
>    preferred master = no
> ;   browseable = no
> 
> ;-------------------
> ; Domain Controler
> ;-------------------
> ;  domain controller =
>    domain logons = no
> ;  logon script = %m.bat
> ;  logon script = %U.bat
> ;  logon path = \\%L\Profiles\%U
> 
> 
> ;-------------------
> ; Name Resolution
> ;-------------------
>    wins support = no
>    wins server = 142.205.52.11
>    wins proxy = no
>    dns proxy = no
> 
> ;-------------------
> ; File Locking
> ;-------------------
> 
> ;-------------------
> ; Name Mangling
> ;-------------------
>    preserve case = no
>    short preserve case = no
>    nt acl support = yes
> 
> #============================ Share Definitions
> ==============================
> 
> ;-------------------
> ; Load Shares Definition
> ;-------------------
> 
>    include = /usr/local/samba/lib/shares.conf
> 
> 
> #=========================================================================
> ====
> 
> Also, here is a copy of my shares.conf :
> 
> 
> ;--------------------------------------------------
> ;           Shares Definition
> ;--------------------------------------------------
> 
> [test]
>    comment         = test Directory
>    path            = /home
>    browsable       = yes
>    writable        = yes
>    inherit permissions = yes
>    public          = no
>    create mask     = 0774
>    directory mask  = 0774
> 
> 




More information about the samba mailing list