[Samba] force group parameter problem
Chris Wright
cwright at itos.uga.edu
Wed May 7 17:58:32 GMT 2003
Hello. I'm having some trouble with the force group parameter in the
smb.conf file. I'm running samba 2.2.8a on RedHat 9.
The smb.conf file has the following entries:
[sales]
comment = Sales Share
path = /sales
public = no
writable = yes
create mask = 0770
directory mask = 0770
force group = +sales
The UNIX permissions on /sales are 770.
User bob has a primary UNIX group of marketing and a secondary group of
sales. The command "groups bob" shows that he IS a member of both
groups. When he tries to connect, however, access is denied. The log
file reads:
[2003/05/07 13:38:17, 0] smbd/service.c:set_current_service(60)
chdir (/sales) failed
If I change the force group entry to "force group = sales", then bob can
connect and created files and folders. Further an ls -l on the file
shows:
-rwxrw---- 1 bob sales 0 May 7
08:40 filename
With this configuration, the user sue, who is not a member of sales and
therefore should not have access to the files, can also create and edit
files on the share.
-rwxrw---- 1 sue sales 0 May 7
08:45 suesfile
If I understood the smb.conf man page correctly, the "force group =
sales" line is functioning correctly because it changes the users
primary group to sales giving them the rwx permissions on the share
regardless of whether or not the user is in the sales group. The line
"force group = +sales" should allow bob to connect with rwx because he
actually IS a member of sales, but deny sue because she is not a member
of sales.
Does anybody have any ideas on how to get this to work? Any help would
be greatly appreciated. Thank you.
Chris Wright
Network Specialist
Information Technology Outreach Services (ITOS)
University of Georgia
(706) 542-1976
cwright at itos.uga.edu
More information about the samba
mailing list