[Samba] create mask

Tue Aug 17 18:03:26 GMT 2004

Hi,

Thanks for the reply.

Changing my umask to 000 is something I am not willing to do for security 
reasons.

I do have the mount point owned by the user, as you suggest.  

I also am loathe to put 0777 masks in my global area of my conf, also for 
security reasons.

The way things are set up on the network, I really need the thing to work as 
it should.  I have not tried "directory security mask" yet, perhaps I can do 
that...  Not sure what the difference is between that and "directory mask"...

Thanks again.

Chris

On Tuesday 17 August 2004 01:01 pm, you wrote:
> i have the same problem taht you describe.  I have done a workaround.
> in the clients linux pc's, i change the value of umask to 000, adn it did
> the work.  Also, the mounting point MUST  BE owned by the user, and in
> order to force thing on the server side, i have to put the following inside
> global definition (wich is weird, enforcing create mask always work at
> share level on samba 2.2 and newer 3.xx version):
>
>
> create mask = 0777
> directory mask = 0777
> directory security mask = 0777
>
> of course, it exposed all the shares to be writeable, but i have fiddling
> with the share definition using
> valid users = +userslist
> to contain things a little.
> I will try with newer version of samba (must be compiled form source...) to
> see if thing are still having a weird behavior
>
>
>
>
> ____________________
> Raúl Pittí Palma
> Associate
> Global Engineering and Technology S.A.
> móvil. (507) - 616 - 0194
> ----- Original Message -----
> From: "Chris" <chrisd at better-investing.org>
> To: <samba at lists.samba.org>
> Sent: Tuesday, August 17, 2004 10:12 AM
> Subject: [Samba] create mask
>
> > Hello.
> >
> > I have set up a new samba server here at work, and for most things it is
> > working great -- but there is yet one major issue.
> >
> > It works fine for Windows and Dave clients, but the problem arises when I
>
> use
>
> > smbmount. It is set up as a domain member of an ADS domain.
> >
> > For example, I have a public share that everyone in the office should be
>
> able
>
> > to access, regardless of platform or even username.
> >
> > I have this in my smb.conf:
> >
> > =========================
> > [public_tmp]
> >         path = /public_tmp
> >         writable = yes
> >         guest ok = yes
> >         public = yes
> >         create mask = 0777
> >         directory mask =0777
> >         browseable = yes
> >         read only = no
> >         nt acl support = yes
> > =========================
> >
> > Now, what this should do is force everything moved or copied to this
> > share
>
> to
>
> > a mode of 777. It does just this for windows users and Dave users -- but
>
> if I
>
> > smbmount it it does not. If I used konqueror to move the file, it gives
> > me
>
> a
>
> > pop-up saying: "Could not change permissions for /file/name". If I copy
> > it
>
> on
>
> > the command line, it doesn't complain, but the perms are still wrong. It
> > always applies my system's umask. This is not good, because then others
> > cannot utilize files placed in this share.  If I try a chmod on the
> > smbmounted dir for files I create, I get "operation not permitted".
> >
> > I wish to stress here that this did not happen with samba 2.0.7 on an nt4
> > domain, it started with 3.x on an ADS domain.
> >
> > I used to mount it like so:
> >
> > /usr/bin/smbmount //servername/public_tmp /mnt/public_tmp -o
> > username=chris,workgroup=myworkgroup
> >
> >
> > But, obviously, it doesn't want to work anymore, so I tried this:
> >
> >
> > smbmount //servername/public_tmp /mnt/public_tmp -o
> > username=chris,workgroup=myworkgroup,krb,dmask=777,umask=000
> >
> >
> > I appreciate any help.
> >
> > Thanks!
> >
> > Chris
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  http://lists.samba.org/mailman/listinfo/samba