[Samba] home directory permissions
Bruno RICHARD
bruno.richard at lium.univ-lemans.fr
Wed Nov 30 16:38:50 GMT 2005
Thanks for your answer.
But I'm on a solaris box...
Just a precision: It fails only if "teachers" is not the primary group
of "bob".
(i.e. if "teachers" is the primary group of "bob", the smblclient succeed
while the teachers repository permissions are:
drwxrwx--- 2 root teachers 177 Nov 15 13:22 teachers )
It seems that samba doesn't use the notion of secondary groups membership.
(openldap does: it works with ssh connection).
Nobody has such pb ?
Guido Leisker wrote:
>
>
> Bruno RICHARD wrote:
>
>> Hi all,
>>
>> I use samba-3.0.20b on a solaris 10 box with a ldap backend.
>> All works fine except one thing:
>> I have an account "bob".
>> Its home directory is "/tmp/teachers/bob"
>> Its group is "teachers".
>> However when I define the teachers repository permissions like this:
>>
>> [zoe.root:367] ls -al /tmp
>> drwxrwx--- 2 root teachers 177 Nov 15 13:22 teachers
>> (access in rwx only for root and "teachers" group members)
>>
>> It doesn't work anymore (i.e. smbclient fails).
>>
>> For security reasons I have to define such permissions.
>> Does anyone have a tip or a clue ?
>> Thanks in advance.
>> Bruno
>>
>>
>> for information:
>> ---------------------
>> smb daemons run as root
>> and permissions on the bob's repository are:
>> [zoe.root:368] ls -al /tmp/teachers
>> drwxr-xr-x 2 bob teachers 178 Nov 30 15:38 bob
>>
> I had a simalar problem.
> Do you use selinux?
> Look
> # man samba_selinux
>
> so
> # setsebool -P samba_enable_home_dirs 1
> solved my problems
--
-----------------------------------------------------------
Bruno RICHARD
Ingénieur d'études
Laboratoire d'Informatique de l'Université du Maine
L.I.U.M. - CNRS FRE 2730
Département Informatique
Université du Maine
Av. O.MESSIAEN 72085 LE MANS CEDEX 9
email : Bruno.Richard at lium.univ-lemans.fr
tel : 02.43.83.38.49
-----------------------------------------------------------
More information about the samba
mailing list