[Samba] create mode not working with ACLs for me

Robert Mortimer rmortimer at bluechiptechnology.co.uk
Fri Dec 15 10:51:43 GMT 2006 

I have two directories that look the same but when a user edits a document
belonging to another user in one of them it sets the read-only flag. In the
other it does not.

I have the following in the main part of my smb.conf and in the share

create mode = 660
force create mode = 660
directory mode = 770
read only = no

Directory one has the following Unix and ACL permissions

drwxrwx---+ 2 rwallis TS_quality  4096 Dec 13 12:21 Processor
# file: Processor
# owner: rwallis
# group: TS_quality
user::rwx
user:rwallis:rwx
group::rwx
group:AD_Domain_Users:r-x
group:TS_quality:rwx
mask::rwx
other::---
default:user::rwx
default:group::rwx
default:group:AD_Domain_Users:r-x
default:group:TS_quality:rwx
default:mask::rwx
default:other::---

if I (rmortimer member of TS_quality) edit a file it goes from

-rwxrwx---+ 1 rwallis   TS_main           30208 Dec 13 08:54 
TP934_DVT1.doc
# file: TP934_DVT1.doc
# owner: rwallis
# group: TS_main
user::rwx
user:rwallis:rwx
group::rwx
group:AD_Domain_Users:r-x
group:TS_quality:rwx
mask::rwx
other::---

to
-rwxrwx---+ 1 rmortimer TS_main           30208 Dec 13 12:33 
TP934_DVT1.doc
# file: TP934_DVT1.doc
# owner: rmortimer
# group: TS_main
user::rwx
user:rwallis:rwx
group::rwx
group:AD_Domain_Users:r-x
group:TS_quality:rwx
mask::rwx
other::---

Directory TWO has the following Unix and ACL permissions

drwxrwx---+  2 rwallis TS_quality   4096 Dec 13 12:21 Systems
# file: Systems
# owner: rwallis
# group: TS_quality
user::rwx
user:rwallis:rwx
group::rwx
group:AD_Domain_Users:r-x
group:TS_quality:rwx
mask::rwx
other::---
default:user::rwx
default:group::rwx
default:group:AD_Domain_Users:r-x
default:group:TS_quality:rwx
default:mask::rwx
default:other::---

When I edit the following file

-rwxrwx---+ 1 rwallis   TS_quality 12800 Oct 26  1998 Tp3802.doc
# file: Tp3802.doc
# owner: rwallis
# group: TS_quality
user::rwx
user:rwallis:rwx
group::rwx
group:AD_Domain_Users:r-x
group:TS_quality:rwx
mask::rwx
other::---

I end up with

-r--rwx---+ 1 rmortimer TS_main    24064 Dec 13 12:44 Tp3802.doc
# file: Tp3802.doc
# owner: rmortimer
# group: TS_main
user::r--
user:rwallis:rwx
group::---
group:AD_Domain_Users:r-x
group:TS_quality:rwx
mask::rwx
other::---

As you can see this is flagged as read only (user = r--)

Both these directories are on the same share

Samaba is 
samba-common-3.0.23c-4
samba-swat-3.0.23c-4
samba-client-3.0.23c-4
samba-debuginfo-3.0.23c-4
samba-doc-3.0.23c-4
samba-3.0.23c-4
(from official source RPM)


Any pointers?

More information about the samba mailing list