[Samba] Unusual permissions problem
Ray Anderson
rsa at rb-com.com
Fri Jun 10 15:22:46 GMT 2005
Hello,
I have an issue with samba-3.0.10-1.fc3 permissions.
The situation is this:
I have a client that wants one user to have write permission to a directory, but a GROUP of users to have read access. Simple,
right? First, I set up the directory structure per Linux:
(According to the samba guide, it's more efficient to use sticky bits on the directory instead of using the force user clause in the
smb.conf file.)
drwsr-s--- 2 tcuser tcgroup 8.0K Jun 10 08:06 timecards
Testing:
Log in as a user who is a member of the tcgroup, can read all files in the tree: Success
Log in as tcuser, can read, write, and delete all files in the tree: Success
So I'm feeling pretty good about the Linux permissions. Now time to create the share:
[timecards]
comment = Timecards
path = /timecards
create mask = 0640
write list = tcuser
valid users = tcuser, @tcgroup
If I understand correctly, and obviously I don't, the write list and valid users lines are redundant, as Samba is supposed to use
the file system permissions.
Now the issue:
I log in (via smbclient) as tcuser: Success
Put a file into the share: Success
Rename the file: Success
Get the file back: Access Denied.
So this user can put files but cannot read them back. (!)
The really strange thing is if I set the world read bit to the file, then tcuser can read the file just fine, but from a Linux file
permission perspective, that's a really bad thing, right?
Any advice for this?
Many thanks in advance,
-=Ray
More information about the samba
mailing list