[Samba] Strange file permissions
dnl at livstones.freeserve.co.uk
Sat Dec 1 17:34:21 GMT 2007
This problem appeared to have been sorted, but came back today. I have set the directives valid
users and force group.
Any advice on what log level setting I should set to try and pick this problem up in the logs?
Is there any plans to improve the on-line help for problem solving with Samba? How about a
website/wiki with columns:
Symptom | Perform check | Action if ok | Action if fail |
where the action columns could be hyperlinked to other symptom/check lines as needed. At present it
is limited to the part V of the "The Official Samba-3 HOWTO and Reference Guide" A Wiki would allow
such a table to be easily updated, probably with answered queries from the mailing list. I regret I
do not have the available time to try working on such a project.
Mark Adams wrote:
> In my opinion even your no access folder should use a group. Make your
> lowest permissions group nogroup then add all users to the group. Then
> change smb conf user security entry to valid users = @nogroup
> On 26 Nov 2007, at 22:59, DNL <dnl at livstones.freeserve.co.uk> wrote:
>> Mark Adams wrote:
>>> Is sgid on the top level dir?
>> Set for subdirectory cp, but not for projects as different directories
>> at that level require no access control
>> /projects/cp# ls -al
>> total 164
>> drwxrws--- 26 dnl cp 4096 2007-11-23 15:37 .
>> drwxr-xr-x 17 root root 4096 2007-11-16 22:35 ..
>> drwxrws--- 2 daniel cp 4096 2007-06-18 11:52 4 Spencer Close
>> drwxrws--- 2 daniel cp 4096 2007-09-01 19:20 Addresses
>>> Also have you tried force group samba option?
>> My understanding is that this would force the same group for all the
>> PROJECT share, but I only want it for a subdirectory. Am I forced into
>> making projects/cp a separate share and using this samba option?
>> Thanks for your response.
>>> On 24 Nov 2007, at 13:13, DNL <dnl at livstones.freeserve.co.uk> wrote:
>>>> I have a samba server with tdbsam passwords, and a share, PROJECTS,
>>>> which is accessed by various XP home clients, the usenames and
>>>> being manually synced to the samba ones (less than 10 users, and only 4
>>>> workstations). There is one win2K machine, which is a domain member.
>>>> Subdirectories on PROJECTS have g+s set, so only users,
>>>> who are members of specific Linux groups, have access to the files
>>>> in them.
>>>> Recently, a laptop with XP professional has been connected, and the
>>>> on it can access the correct directories, but when he edits or
>>>> creates a
>>>> file, the group owner and file permissions are wrong:
>>>> /home/projects/cp/CP 2007# ls -alt
>>>> total 2932
>>>> drwxrwsrw- 4 daniel cp 4096 2007-11-24 12:35 .
>>>> -r-------- 1 haffers BUILTIN\users 197120 2007-11-24 12:34 CP 11
>>>> -rw-rw-rw- 1 haffers BUILTIN\users 199168 2007-11-23 19:47 CP 10
>>>> drwxrwsrwx 2 daniel cp 4096 2007-11-23 19:34 FORMS 2007
>>>> -rw-rw-rw- 1 haffers BUILTIN\users 299520 2007-11-23 19:20 2007
>>>> drwxrws--- 26 dnl cp 4096 2007-11-23 15:37 ..
>>>> -r-------- 1 haffers BUILTIN\users 197120 2007-11-23 14:40 CP 10
>>>> -rwxrwx--- 1 haffers cp 196608 2007-11-18 18:51 CP 11
>>>> -rwxrwx--- 1 haffers cp 192512 2007-11-18 17:47 CP 09
>>>> The files he creates are therefore unusable until permissions are
>>>> Various searches on the internet and reading of the Samba documentation
>>>> have failed give me any idea on why this is happening, or how to put it
>>>> right. How is Samba managing to not respecting the Linux g+s bit?
>>>> How do I make this system work correctly? Can you assist?
Background information from earlier emails pruned.
The system id Debian Stable, up to date - including no SWAT as that depends on the earlier version
of samba-doc - work in progress, I assume.
Living Stones, Flore Uk
Mobile: 07736 227 260
More information about the samba