[Samba] AD + winbindd(8): group permissions being ignored ? WTF ?

Doug VanLeuven roamdad at sonic.net
Mon Aug 13 08:44:19 GMT 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Wilkinson, Alex wrote:
> Hi all,
> 
> I am successfully authenticating "FreeBSD 7.0-CURRENT #1: Wed Jul 25
> 17:31:15 WST 2007" against AD. Users can log in succesfully with home
> directories being served via amd(8) and NFS. However, I have discovered
> a potential "show-stopper" that will force me to abort this mission :(
> 
> The problem
> -~-~-~-~-~-
> 
> In a nutshell: Simple group permissions set with chown(1) are not being honoured. e.g.
> 
>        #touch testing.txt
>        #ls -l !$
>        -rw-r--r--  1 root  wheel  0 Aug 12 17:49 testing
>        #chmod 770 !$
>        #ls -l testing.txt
>        -rwxrwx---  1 root  wheel  0 Aug 12 17:49 testing.txt
> 
>        #chown root:"scis stl admins" testing.txt
>        #ls -l !$
>        ls -l testing.txt
>        -rwxrwx---  1 root  scis stl admins  0 Aug 12 17:49 testing.txt
>        #su - my_username
>        my__shell>echo "this sux" > /var/tmp/testing.txt
>        testing.txt: Permission denied.
> 
> And I KNOW 150% I am in the the group "scis stl admins".
> 
> The odd thing is, is that chown(1) allows me to give the file testing.txt group
> memebership, but users in the actual group are not given these permissions.
> 
> I'm getting kinda desparate now. Have I missed something concetually ?
> Any insights into this problem whatsoever will be greatly appreciated.

Have a look and see if this report is relevant in your case (it's fairly
long):
https://bugzilla.samba.org/show_bug.cgi?id=3990

Regards, Doug

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org

iD8DBQFGwBnjFqWysr/jOHMRAsOjAKCOmNUxd1qX8gkomfS+D4f0FbFjmACgraNH
q0AlGUfH8cGw0opxo2L8BmI=
=D1B1
-----END PGP SIGNATURE-----


More information about the samba mailing list