[Samba] SAMBA Problem - Users take ownership

Carlos Rivera-Jones carlos at sinu.com
Wed Apr 18 20:31:38 GMT 2007 

 

   create mask = 0765
   create mode = 0777
   directory mode = 0770
   force create mode = 000


Turn it to

   create mask = 2765
   create mode = 2777
   directory mode = 2770

Delete

   force create mode = 000

Test


carlos

-----Original Message-----
From: Travis Bullock [mailto:tbullock at avmax.ca] 
Sent: Wednesday, April 18, 2007 4:19 PM
To: Carlos Rivera-Jones
Cc: samba
Subject: Re: [Samba] SAMBA Problem - Users take ownership

smb.conf file:

[global]
        security = domain
        workgroup = AVMAX
        netbios name = atlas
        map to guest = Bad User

        encrypt passwords = yes
        password server = 10.2.32.1 10.2.0.4 10.4.0.3
        username level = 0
#password server = 10.2.0.3 10.2.0.4 10.2.32.1
        deadtime = 3
        local master = no
        domain master = no
        domain logons = no
        wins support = yes
        remote announce = 10.4.0.0/20 10.3.0.0/20 #winbind use default
domain = yes
        winbind separator = +
        winbind cache time = 10
        idmap uid = 10000-20000
        idmap gid = 10000-20000
        winbind enum users = yes
        winbind enum groups = yes

        hosts allow = 10.0.0.0/20 10.2.0.0/20 10.2.32.0/20 10.2.16.0/20
10.3.0.0/16 10.128.0.0/16 10.4.0.0/16
        interfaces = 10.2.0.12 192.168.0.4
        log level = 2 winbind:5

[Planning]
   comment = Avmax Planning Group Share
   browseable = yes
   writable = yes
   read only = no
   create mode = 0770
   directory mode = 0770
   path = /usr/avmax_shares/Planning

[GFQ]
   comment = Great Falls QA
   browseable = yes
   writable = yes
   read  only = no
   create mask = 0765
   create mode = 0777
   directory mode = 0770
   force create mode = 000
   path = /usr/avmax_shares/GFQ


Those are two different types of shares. I am playing with the settings
to see if I can make a difference to the share but so far no joy.
Probably because I don't have a firm understanding of how those settings
work.

Cheers,

Travis

----- Original Message -----
From: "Carlos Rivera-Jones" <carlos at sinu.com>
To: "Travis Bullock" <tbullock at avmax.ca>, "samba"
<samba at lists.samba.org>
Sent: Wednesday, April 18, 2007 2:14:19 PM (GMT-0700) America/Denver
Subject: RE: [Samba] SAMBA Problem - Users take ownership


Smb.conf share settings?

carlos 

-----Original Message-----
From: samba-bounces+carlos=sinu.com at lists.samba.org
[mailto:samba-bounces+carlos=sinu.com at lists.samba.org] On Behalf Of
Travis Bullock
Sent: Wednesday, April 18, 2007 4:09 PM
To: samba
Subject: Re: [Samba] SAMBA Problem - Users take ownership

Can anyone help me with this? This is a serious problem and it is really
screwing me over.

Cheers,

Travis Bullock
Systems Administrator
Avmax Group Inc.

----- Original Message -----
From: "Travis Bullock" <tbullock at avmax.ca>
To: "samba" <samba at lists.samba.org>
Sent: Saturday, April 14, 2007 10:12:30 AM (GMT-0700) America/Denver
Subject: [Samba] SAMBA Problem - Users take ownership

Hi, 

I have a problem with my Samba/WinBIND implementation. In folders shared
by multiple people the last one to access and modify a file takes
ownership of the file and changes the permissions so other users cannot
make changes to the same file: 
[root at atlas PLANNING RECORDS]# cd REGIONAL\ 1\ AIRLINE\ DOCS/
[root at atlas REGIONAL 1 AIRLINE DOCS]# ls -al total 1232 
drwxrws---+ 8 root AVMAX+Domain Admins 4096 Apr 13 13:16 . 
drwxrws---+ 23 root AVMAX+Domain Admins 4096 Apr 3 08:14 .. 
drwxrws---+ 7 root AVMAX+Domain Admins 4096 Mar 20 13:01 AALI Reserves
drwxrws---+ 3 root AVMAX+Domain Admins 4096 Mar 20 13:02 Archived 
drwxrws---+ Documents for Reg. 1
-rwxrwx---+ 1 AVMAX+RMesheau AVMAX+Domain Admins 64512 Apr 13 12:56 LOG 
-rwxrwx---+ BOOK entry template.xls
drwxrws---+ 6 root AVMAX+Domain Admins 4096 Mar 30 16:20 Logpages 
drwxrws---+ Monthly Templates Reports etc
-rwxrwx---+ 1 AVMAX+ALee AVMAX+Domain Admins 552448 Apr 13 13:16 MOD SB 
-rwxrwx---+ Compliance Status ALEX.xls
-r--rwx---+ 1 AVMAX+ALee AVMAX+Domain Admins 552448 Apr 12 13:35 MOD SB 
-r--rwx---+ Compliance Status.xls
drwxrws---+ 2 root AVMAX+Domain Admins 4096 Mar 30 16:09 Monthly 
drwxrws---+ Workorder Templates
drwxrws---+ 3 root AVMAX+Domain Admins 4096 Apr 3 09:06 SIP + Audit 
drwxrws---+ Spreadsheets
drwxrws---+ 5 root AVMAX+Domain Admins 4096 Mar 20 13:04 Tally Sheets 
drwxrws---+ for Regional 1

I want all ownerships to remain root:AVMAX+Domain Admins with drwxrws---
set as the permissions. My ACL's look like this for a file: 

[root at atlas REGIONAL 1 AIRLINE DOCS]# getfacl MOD\ SB\ Compliance\
Status.xls # file: MOD SB Compliance Status.xls # owner: AVMAX+ALee #
group: AVMAX+Domain Admins
user::r--
user:root:rwx
group::rw-
group:AVMAX+Planning:rwx
mask::rwx
other::--- 

I think group:AVMAX+Planning:rwx is good but appears to be ineffective
once a user takes ownership of a file. 

And this for a directory: 

[root at atlas REGIONAL 1 AIRLINE DOCS]# getfacl Tally\ Sheets\ for\
Regional\ 1/ # file: Tally Sheets for Regional 1 # owner: root # group:
AVMAX+Domain Admins user::rwx group::rwx group:AVMAX+Planning:rwx
mask::rwx
other::---
default:user::rwx
default:group::rwx
default:group:AVMAX+Planning:rwx
default:mask::rwx
default:other::--- 

Any ideas as to why this is happening? 


Travis Bullock
Systems Administrator
Avmax Group Inc. 
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list