[Samba] Strange file permissions
DNL
dnl at livstones.freeserve.co.uk
Sat Nov 24 13:13:56 GMT 2007
Hi
I have a samba server with tdbsam passwords, and a share, PROJECTS,
which is accessed by various XP home clients, the usenames and passwords
being manually synced to the samba ones (less than 10 users, and only 4
workstations). There is one win2K machine, which is a domain member.
Subdirectories on PROJECTS have g+s set, so only users,
who are members of specific Linux groups, have access to the files in them.
Recently, a laptop with XP professional has been connected, and the user
on it can access the correct directories, but when he edits or creates a
file, the group owner and file permissions are wrong:
/home/projects/cp/CP 2007# ls -alt
total 2932
drwxrwsrw- 4 daniel cp 4096 2007-11-24 12:35 .
-r-------- 1 haffers BUILTIN\users 197120 2007-11-24 12:34 CP 11 Nova.xls
-rw-rw-rw- 1 haffers BUILTIN\users 199168 2007-11-23 19:47 CP 10 Octa.xls
drwxrwsrwx 2 daniel cp 4096 2007-11-23 19:34 FORMS 2007
-rw-rw-rw- 1 haffers BUILTIN\users 299520 2007-11-23 19:20 2007
ANALYSIS.xls
drwxrws--- 26 dnl cp 4096 2007-11-23 15:37 ..
-r-------- 1 haffers BUILTIN\users 197120 2007-11-23 14:40 CP 10 Oct.xls
-rwxrwx--- 1 haffers cp 196608 2007-11-18 18:51 CP 11 Nov.xls
-rwxrwx--- 1 haffers cp 192512 2007-11-18 17:47 CP 09 Sep.xls
The files he creates are therefore unusable until permissions are changed.
Various searches on the internet and reading of the Samba documentation
have failed give me any idea on why this is happening, or how to put it
right. How is Samba managing to not respecting the Linux g+s bit? How do
I make this system work correctly? Can you assist?
Background information:
The log-on of the user on the XP professional machine:
# tail -14 andylap.old
[2007/11/24 01:32:01, 1] smbd/service.c:close_cnum(1150)
andylap (192.168.0.168) closed connection to service projects
[2007/11/24 11:13:20, 2] smbd/sesssetup.c:setup_new_vc_session(799)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
all old resources.
[2007/11/24 11:13:20, 2] smbd/sesssetup.c:setup_new_vc_session(799)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
all old resources.
[2007/11/24 11:13:20, 2] lib/access.c:check_access(323)
Allowed connection from (192.168.0.168)
[2007/11/24 11:13:20, 2] smbd/reply.c:reply_tcon_and_X(711)
Serving IPC$ as a Dfs root
[2007/11/24 11:13:20, 2] auth/auth.c:check_ntlm_password(309)
check_ntlm_password: authentication for user [haffers] -> [haffers]
-> [haffers] succeeded
[2007/11/24 11:13:20, 2] smbd/utmp.c:sys_utmp_update(419)
utmp_update: uname:/var/run/utmp wname:/var/log/wtmp
# head -24 andylap
[2007/11/24 11:13:20, 2] lib/access.c:check_access(323)
Allowed connection from (192.168.0.168)
[2007/11/24 11:13:20, 1] smbd/service.c:make_connection_snum(950)
andylap (192.168.0.168) connect to service projects initially as user
haffers (uid=529, gid=502) (pid 17358)
[2007/11/24 11:13:20, 2] smbd/reply.c:reply_tcon_and_X(711)
Serving projects as a Dfs root
[2007/11/24 11:13:20, 2] smbd/utmp.c:sys_utmp_update(419)
utmp_update: uname:/var/run/utmp wname:/var/log/wtmp
[2007/11/24 11:13:20, 1] smbd/service.c:close_cnum(1150)
andylap (192.168.0.168) closed connection to service projects
[2007/11/24 11:13:20, 2] auth/auth.c:check_ntlm_password(309)
check_ntlm_password: authentication for user [haffers] -> [haffers]
-> [haffers] succeeded
[2007/11/24 11:13:20, 2] smbd/utmp.c:sys_utmp_update(419)
utmp_update: uname:/var/run/utmp wname:/var/log/wtmp
[2007/11/24 11:13:20, 2] lib/access.c:check_access(323)
Allowed connection from (192.168.0.168)
[2007/11/24 11:13:20, 1] smbd/service.c:make_connection_snum(950)
andylap (192.168.0.168) connect to service projects initially as user
haffers (uid=529, gid=502) (pid 17358)
[2007/11/24 11:13:20, 2] smbd/reply.c:reply_tcon_and_X(711)
Serving projects as a Dfs root
[2007/11/24 11:14:36, 2] lib/access.c:check_access(323)
Allowed connection from (192.168.0.168)
[2007/11/24 11:14:36, 2] smbd/reply.c:reply_tcon_and_X(711)
Serving IPC$ as a Dfs root
The most recent problem file in that log:
/var/log/samba# grep Nova andylap
unix_mode(cp/CP 2007/CP 11 Nova.xls) inheriting from cp/CP 2007
unix_mode(cp/CP 2007/CP 11 Nova.xls) inherit mode 42776
haffers opened file cp/CP 2007/CP 11 Nova.xls read=Yes write=No
(numopen=3)
unix_mode(cp/CP 2007/CP 11 Nova.xls) inheriting from cp/CP 2007
unix_mode(cp/CP 2007/CP 11 Nova.xls) inherit mode 42776
haffers opened file cp/CP 2007/CP 11 Nova.xls read=No write=No
(numopen=4)
haffers closed file cp/CP 2007/CP 11 Nova.xls (numopen=3)
haffers closed file cp/CP 2007/CP 11 Nova.xls (numopen=2)
unix_mode(cp/CP 2007/CP 11 Nova.xls) inheriting from cp/CP 2007
unix_mode(cp/CP 2007/CP 11 Nova.xls) inherit mode 42776
haffers opened file cp/CP 2007/CP 11 Nova.xls read=Yes write=No
(numopen=3)
haffers closed file cp/CP 2007/CP 11 Nova.xls (numopen=2)
unix_mode(cp/CP 2007/CP 11 Nova.xls) inheriting from cp/CP 2007
unix_mode(cp/CP 2007/CP 11 Nova.xls) inherit mode 42776
haffers opened file cp/CP 2007/CP 11 Nova.xls read=Yes write=No
(numopen=3)
haffers closed file cp/CP 2007/CP 11 Nova.xls (numopen=2)
unix_mode(cp/CP 2007/CP 11 Nova.xls) inheriting from cp/CP 2007
unix_mode(cp/CP 2007/CP 11 Nova.xls) inherit mode 42776
haffers opened file cp/CP 2007/CP 11 Nova.xls read=Yes write=Yes
(numopen=3)
unix_mode(cp/CP 2007/CP 11 Nova.xls) inheriting from cp/CP 2007
unix_mode(cp/CP 2007/CP 11 Nova.xls) inherit mode 42776
unix_mode(cp/CP 2007/CP 11 Nova.xls) inheriting from cp/CP 2007
unix_mode(cp/CP 2007/CP 11 Nova.xls) inherit mode 42776
haffers opened file cp/CP 2007/CP 11 Nova.xls read=Yes write=No
(numopen=4)
haffers closed file cp/CP 2007/CP 11 Nova.xls (numopen=3)
unix_mode(cp/CP 2007/CP 11 Nova.xls) inheriting from cp/CP 2007
unix_mode(cp/CP 2007/CP 11 Nova.xls) inherit mode 42776
haffers opened file cp/CP 2007/CP 11 Nova.xls read=Yes write=No
(numopen=4)
haffers closed file cp/CP 2007/CP 11 Nova.xls (numopen=3)
unix_mode(cp/CP 2007/CP 11 Nova.xls) inheriting from cp/CP 2007
unix_mode(cp/CP 2007/CP 11 Nova.xls) inherit mode 42776
haffers opened file cp/CP 2007/CP 11 Nova.xls read=Yes write=No
(numopen=4)
haffers closed file cp/CP 2007/CP 11 Nova.xls (numopen=3)
unix_mode(cp/CP 2007/CP 11 Nova.xls) inheriting from cp/CP 2007
unix_mode(cp/CP 2007/CP 11 Nova.xls) inherit mode 42776
haffers opened file cp/CP 2007/CP 11 Nova.xls read=Yes write=No
(numopen=4)
haffers closed file cp/CP 2007/CP 11 Nova.xls (numopen=3)
unix_mode(cp/CP 2007/CP 11 Nova.xls) inheriting from cp/CP 2007
unix_mode(cp/CP 2007/CP 11 Nova.xls) inherit mode 42776
haffers opened file cp/CP 2007/CP 11 Nova.xls read=No write=No
(numopen=4)
haffers closed file cp/CP 2007/CP 11 Nova.xls (numopen=3)
unix_mode(cp/CP 2007/CP 11 Nova.xls) inheriting from cp/CP 2007
unix_mode(cp/CP 2007/CP 11 Nova.xls) inherit mode 42776
haffers opened file cp/CP 2007/CP 11 Nova.xls read=No write=No
(numopen=4)
haffers closed file cp/CP 2007/CP 11 Nova.xls (numopen=3)
unix_mode(cp/CP 2007/CP 11 Nova.xls) inheriting from cp/CP 2007
unix_mode(cp/CP 2007/CP 11 Nova.xls) inherit mode 42776
haffers opened file cp/CP 2007/CP 11 Nova.xls read=No write=No
(numopen=4)
haffers closed file cp/CP 2007/CP 11 Nova.xls (numopen=3)
unix_mode(cp/CP 2007/CP 11 Nova.xls) inheriting from cp/CP 2007
unix_mode(cp/CP 2007/CP 11 Nova.xls) inherit mode 42776
haffers opened file cp/CP 2007/CP 11 Nova.xls read=Yes write=No
(numopen=4)
haffers closed file cp/CP 2007/CP 11 Nova.xls (numopen=3)
haffers closed file cp/CP 2007/CP 11 Nova.xls (numopen=2)
unix_mode(cp/CP 2007/CP 11 Nova.xls) inheriting from cp/CP 2007
unix_mode(cp/CP 2007/CP 11 Nova.xls) inherit mode 42776
haffers opened file cp/CP 2007/CP 11 Nova.xls read=No write=No
(numopen=3)
haffers closed file cp/CP 2007/CP 11 Nova.xls (numopen=2)
unix_mode(cp/CP 2007/CP 11 Nova.xls) inheriting from cp/CP 2007
unix_mode(cp/CP 2007/CP 11 Nova.xls) inherit mode 42776
haffers opened file cp/CP 2007/CP 11 Nova.xls read=Yes write=No
(numopen=3)
unix_mode(cp/CP 2007/CP 11 Nova.xls) inheriting from cp/CP 2007
unix_mode(cp/CP 2007/CP 11 Nova.xls) inherit mode 42776
unix_mode(cp/CP 2007/CP 11 Nova.xls) inheriting from cp/CP 2007
unix_mode(cp/CP 2007/CP 11 Nova.xls) inherit mode 42776
haffers opened file cp/CP 2007/CP 11 Nova.xls read=No write=No
(numopen=5)
haffers closed file cp/CP 2007/CP 11 Nova.xls (numopen=4)
haffers closed file cp/CP 2007/CP 11 Nova.xls (numopen=3)
unix_mode(cp/CP 2007/CP 11 Nova.xls) inheriting from cp/CP 2007
unix_mode(cp/CP 2007/CP 11 Nova.xls) inherit mode 42776
haffers opened file cp/CP 2007/CP 11 Nova.xls read=No write=No
(numopen=4)
haffers closed file cp/CP 2007/CP 11 Nova.xls (numopen=3)
unix_mode(cp/CP 2007/CP 11 Nova.xls) inheriting from cp/CP 2007
unix_mode(cp/CP 2007/CP 11 Nova.xls) inherit mode 42776
haffers opened file cp/CP 2007/CP 11 Nova.xls read=No write=No
(numopen=3)
set_canon_ace_list: sys_acl_set_file type file failed for file cp/CP
2007/CP 11 Nova.xls (Operation not supported).
haffers closed file cp/CP 2007/CP 11 Nova.xls (numopen=2)
unix_mode(cp/CP 2007/CP 11 Nova.xls) inheriting from cp/CP 2007
unix_mode(cp/CP 2007/CP 11 Nova.xls) inherit mode 42776
haffers opened file cp/CP 2007/CP 11 Nova.xls read=Yes write=No
(numopen=3)
haffers closed file cp/CP 2007/CP 11 Nova.xls (numopen=2)
unix_mode(cp/CP 2007/CP 11 Nova.xls) inheriting from cp/CP 2007
unix_mode(cp/CP 2007/CP 11 Nova.xls) inherit mode 42776
haffers opened file cp/CP 2007/CP 11 Nova.xls read=Yes write=No
(numopen=3)
haffers closed file cp/CP 2007/CP 11 Nova.xls (numopen=2)
unix_mode(cp/CP 2007/CP 11 Nova.xls) inheriting from cp/CP 2007
unix_mode(cp/CP 2007/CP 11 Nova.xls) inherit mode 42776
unix_mode(cp/CP 2007/CP 11 Nova.xls) inheriting from cp/CP 2007
unix_mode(cp/CP 2007/CP 11 Nova.xls) inherit mode 42776
unix_mode(cp/CP 2007/CP 11 Nova.xls) inheriting from cp/CP 2007
unix_mode(cp/CP 2007/CP 11 Nova.xls) inherit mode 42776
haffers opened file cp/CP 2007/CP 11 Nova.xls read=Yes write=No
(numopen=3)
haffers closed file cp/CP 2007/CP 11 Nova.xls (numopen=2)
unix_mode(cp/CP 2007/CP 11 Nova.xls) inheriting from cp/CP 2007
unix_mode(cp/CP 2007/CP 11 Nova.xls) inherit mode 42776
haffers opened file cp/CP 2007/CP 11 Nova.xls read=Yes write=No
(numopen=3)
haffers closed file cp/CP 2007/CP 11 Nova.xls (numopen=2)
unix_mode(cp/CP 2007/CP 11 Nova.xls) inheriting from cp/CP 2007
unix_mode(cp/CP 2007/CP 11 Nova.xls) inherit mode 42776
haffers opened file cp/CP 2007/CP 11 Nova.xls read=Yes write=No
(numopen=3)
haffers closed file cp/CP 2007/CP 11 Nova.xls (numopen=2)
unix_mode(cp/CP 2007/CP 11 Nova.xls) inheriting from cp/CP 2007
unix_mode(cp/CP 2007/CP 11 Nova.xls) inherit mode 42776
haffers opened file cp/CP 2007/CP 11 Nova.xls read=Yes write=No
(numopen=3)
unix_mode(cp/CP 2007/CP 11 Nova.xls) inheriting from cp/CP 2007
unix_mode(cp/CP 2007/CP 11 Nova.xls) inherit mode 42776
haffers opened file cp/CP 2007/CP 11 Nova.xls read=No write=No
(numopen=4)
unix_mode(cp/CP 2007/CP 11 Nova.xls) inheriting from cp/CP 2007
unix_mode(cp/CP 2007/CP 11 Nova.xls) inherit mode 42776
haffers opened file cp/CP 2007/CP 11 Nova.xls read=No write=No
(numopen=5)
haffers closed file cp/CP 2007/CP 11 Nova.xls (numopen=4)
haffers closed file cp/CP 2007/CP 11 Nova.xls (numopen=3)
haffers closed file cp/CP 2007/CP 11 Nova.xls (numopen=2)
The log at the time of the faulty file:
[2007/11/24 11:18:28, 2] smbd/close.c:close_normal_file(344)
haffers closed file cp/CP 2007/CP 11 Nov.xls (numopen=5)
[2007/11/24 11:18:28, 2] smbd/close.c:close_normal_file(344)
haffers closed file cp/CP 2007/CP 11 Nov.xls (numopen=4)
[2007/11/24 12:34:48, 2] lib/access.c:check_access(323)
Allowed connection from (192.168.0.168)
[2007/11/24 12:34:48, 2] smbd/reply.c:reply_tcon_and_X(711)
Serving IPC$ as a Dfs root
[2007/11/24 12:35:17, 2] smbd/dosmode.c:unix_mode(96)
unix_mode(cp/CP 2007/410CE081.tmp) inheriting from cp/CP 2007
[2007/11/24 12:35:17, 2] smbd/dosmode.c:unix_mode(104)
unix_mode(cp/CP 2007/410CE081.tmp) inherit mode 42776
[2007/11/24 12:35:17, 2] smbd/open.c:open_file(352)
haffers opened file cp/CP 2007/410CE081.tmp read=No write=Yes (numopen=4)
[2007/11/24 12:35:17, 2] smbd/close.c:close_normal_file(344)
haffers closed file cp/CP 2007/410CE081.tmp (numopen=3)
[2007/11/24 12:35:17, 2] smbd/close.c:close_normal_file(344)
haffers closed file cp/CP 2007/CP 11 Nova.xls (numopen=2)
[2007/11/24 12:35:17, 2] smbd/dosmode.c:unix_mode(96)
unix_mode(cp/CP 2007/CP 11 Nova.xls) inheriting from cp/CP 2007
[2007/11/24 12:35:17, 2] smbd/dosmode.c:unix_mode(104)
unix_mode(cp/CP 2007/CP 11 Nova.xls) inherit mode 42776
[2007/11/24 12:35:17, 2] smbd/open.c:open_file(352)
haffers opened file cp/CP 2007/CP 11 Nova.xls read=No write=No
(numopen=3)
[2007/11/24 12:35:17, 2] smbd/close.c:close_normal_file(344)
haffers closed file cp/CP 2007/CP 11 Nova.xls (numopen=2)
# testparm
Load smb config files from /etc/samba/smb.conf
Processing section "[print$]"
Processing section "[printers]"
Processing section "[homes]"
Processing section "[netlogon]"
Processing section "[profiles]"
Processing section "[projects]"
Processing section "[dnlweb]"
Processing section "[Brother]"
Loaded services file OK.
Invalid combination of parameters for service Brother.
Level II oplocks can only be set if oplocks are also
set.
Server role: ROLE_DOMAIN_PDC
Press enter to see a dump of your service definitions
[projects]
comment = projects directory
path = /home/projects
read only = No
inherit permissions = Yes
guest ok = Yes
[Brother]
comment = HL1260 running HP LJ 4+ emulation 26M
path = /var/spool/samba
read only = No
guest ok = Yes
printable = Yes
printer name = Brother
oplocks = No
share modes = No
There is something that Samba does not like about the oplocks here, but
SWAT does not have an oplocks option on the Brother printer share, so I
am confused on this, but expect it is not relevant to the main problem.
smb.conf file
# Samba config file created using SWAT
# from 192.168.0.187 (192.168.0.187)
# Date: 2007/11/24 13:03:18
[global]
unix charset = LOCALE
workgroup = STONES
server string = %h server (Samba %v)
interfaces = Eth0, lo
bind interfaces only = Yes
map to guest = Bad Password
passdb backend = tdbsam
guest account = stones
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*Password* %n\n *Re-enter*new*password*%n\n
*Password*changed*
username map = /etc/samba/smbusers
unix password sync = Yes
log level = 2 passdb:2 auth:2 winbind:4
log file = /var/log/samba/%m
max log size = 100
smb ports = 139
name resolve order = hosts wins bcast
time server = Yes
printcap name = CUPS
show add printer wizard = No
add user script = /usr/sbin/useradd -m '%u'
delete user script = /usr/sbin/userdel -r '%u'
add group script = /usr/sbin/groupadd '%g'
delete group script = /usr/sbin/groupdel '%g'
add user to group script = /usr/sbin/usermod -G '%g' '%u'
delete user from group script = /usr/sbin/groupmod -R %u %g
add machine script = /usr/sbin/useradd -s /bin/false -d /tmp '%u'
shutdown script = /var/lib/samba/scripts/shutdown.sh
abort shutdown script = /sbin/shutdown -c
logon script = logon.bat
logon path = \\%N\profiles\%U
logon drive = H:
domain logons = Yes
os level = 35
preferred master = Yes
domain master = Yes
wins support = Yes
ldap ssl = no
utmp = Yes
panic action = /usr/share/samba/panic-action %d
idmap uid = 15000-20000
idmap gid = 15000-20000
hosts allow = 192.168.0., 192.168.1., 127.
printing = cups
print command =
lpq command = %p
lprm command =
veto files = /*.eml/*.nws/*.{*}/
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
admin users = root, Administrator
write list = root
[printers]
comment = SMB Print Spool
path = /var/spool/samba
guest ok = Yes
printable = Yes
browseable = No
More information about the samba
mailing list