[Samba] Synchronizing offline files that I am not the owner of fails (Samba 2.2.8/3.0.0)

Jeremy Allison jra at samba.org
Thu Nov 20 01:08:27 GMT 2003


On Fri, Oct 31, 2003 at 12:03:10PM +1300, Craig Box wrote:
> Hi everyone,
> 
> Problem: Windows XP's offline files synchronization fails with an
> "Access is denied" message, if you have edited an offline file that you
> have group based access to, but you are not the owner of.  (Not using an
> ACL-compatible filesystem.)
> 
> In 2.2.x the change appears to be successfully written to the server
> anyway; subsequent synchronization attempts suggests that the network
> file is more up to date than the local version, and accepting this
> clears the error and leaves the newer version on both machines.
> 
> On 3.x it appears not to work at all.  When I'm online I can edit the
> file; when I'm offline and edit, the changes aren't written back.
> 
> 
> How to reproduce: 
> 
> 1. Create a Samba share (a home directory will suffice) that you can
> write to
> 2. Create a file in that share (using Windows), and mark it available
> offline
> 3. On Linux, set the ownership of the file to be group owned by your
> primary group, but a different user (simulating an edit by that user)
> 4. Stop Samba ("go offline")
> 5. Wait for Windows to say the share is offline, and edit the file in
> Windows.  Save and close the file.
> 6. Start Samba again
> 7. Attempt to synchronize.
> 
> A level 10 log for synchronizing 'more.txt' can be found at
> http://www.hs.net.nz/~crb/log.wks-acer.gz

Ok, I have made this work with Samba 3.0.1pre3.

What you need to do is to ensure that smbd is compiled with ACL
support, and running on a filesystem with posix acls. Then you
also need to set the parameter "dos filemode = yes" for the
share.

Then the sync with a non-owned file will work. The reason for
this is somewhat complex. Windows does a sync by creating a
new file with a temporary name, then sets an ACL on it that
matches the current one (but seems to add write access for the
current user, not just the owner). This must succeed else
the sync will fail. Then it sets the DOS attributes, again
this must succeed or the sync will fail. Under POSIX we encode
the attributes in the file permissions and these can only be
changed by the owner, unless the "dos filemode" parameter
is set.

Hope this helps, it can be done !

Jeremy.



More information about the samba mailing list