[Samba] [Samba 2.2.6] share permissions override Unix rigths?

Mihail S. Dorofeev mdorofeev at sibnefteprovod.ru
Wed Nov 13 03:49:01 GMT 2002


Hi All!
I have Samba 2.2.6 installed on Solaris 8 SPARC. Samba is authenticating
users against LDAP (Netscape Directory Server 4.12)

One of my directories has rights as following (using synonyms):

d rwx r-x ---  owner : growner    VOL5

I have another user USER1 whose primary group membership is GROUP1,
supplementary groupmembership GROWNER.

My Samba config follows:

[VOL5]
        path = /export/home/VOL5
        valid users = +GROWNER
        admin users = USER1
        read only = No

The user USER1  ___CAN___ write to VOL5 share! although it actually DOES NOT
have UNIX rights to do this!!!!
All other users who are members of GROWNER ___CAN NOT____  write to VOL5.

Regarding this there are two questions:

1. Once Samba has authenticated a user successfully DOES it then check Unix
user permissions ? (I assume - YES)
1a.  Then WHY does it allow the user USER1 to write to VOL5 ? Does ___ADMIN
USER___ privilege override normal Unix permissions ???

2. WHY members of GROWNER  can NOT write to VOL5 though we have ___read only
= No___ option set...

Thanks in advance!




More information about the samba mailing list