[Samba] Unusual permissions problem

[Ray Anderson]

Hello,

I have an issue with samba-3.0.10-1.fc3 permissions.

The situation is this:

I have a client that wants one user to have write permission to a directory, but a GROUP of users to have read access.  Simple,
right?  First, I set up the directory structure per Linux:

(According to the samba guide, it's more efficient to use sticky bits on the directory instead of using the force user clause in the
smb.conf file.)

drwsr-s---   2 tcuser tcgroup 8.0K Jun 10 08:06 timecards

Testing:
	Log in as a user who is a member of the tcgroup, can read all files in the tree:  Success
	Log in as tcuser, can read, write, and delete all files in the tree:  Success

So I'm feeling pretty good about the Linux permissions.  Now time to create the share:


[timecards]
   comment = Timecards
   path = /timecards
   create mask = 0640
   write list = tcuser
   valid users = tcuser, @tcgroup

If I understand correctly, and obviously I don't, the write list and valid users lines are redundant, as Samba is supposed to use
the file system permissions.

Now the issue:

I log in (via smbclient) as tcuser:  Success

Put a file into the share:  Success

Rename the file:  Success

Get the file back:  Access Denied.

So this user can put files but cannot read them back.  (!)

The really strange thing is if I set the world read bit to the file, then tcuser can read the file just fine, but from a Linux file
permission perspective, that's a really bad thing, right?

Any advice for this?

Many thanks in advance,

-=Ray