[Samba] File permissions and Unix umask.
Gerry Marthe
gmarthe at lateralplains.com
Thu Oct 9 02:21:59 GMT 2008
Yes Jeremy, it seems that I can make the CIFS client violate the
"forced" settings on the Samba server.
Specific example:
/* As root, issue the following mount command from client. */
mount.cifs //10.0.1.5/common /mnt/smb -o
rw,uid=500,user=abdv29,password=*******
/* Switch user to "abdv29" */
su - abdv29
/* Change directory to where the CIFS filesystem is mounted. */
cd /mnt/smb
/* Set umask */
umask 0022
/* Create a couple of files using "touch" and "echo". */
touch f1
echo "xx" >f2
/* On a local EXT3 filesystem, I would expect the two files
created above to each have the following symbolic permission:
"rw-r--r--" and this is indeed so.
On the CIFS mount, I would expect the "force create mode" to
override the umask in both cases, giving symbolic permission of:
"rw-rw-r--"
This is so only for the file named "f2" created with
"/bin/echo". The file created with "/bin/touch" has symbolic
permissions of: "rw-r--r--" indicating that the client has
violated the Server "force" settings.
*/
I have verified this happens with the following Samba versions:
1) Samba server version 3.0.28 running on RHEL-5
Samba client version 3.2.3 running on Fedora 9.
"mount.cifs -V" does not show version number, just display usage
message.
2) Samba server version 3.2.3 running on Fedora 9.
Samba client version 3.0.28 running on RHEL-5.
"mount.cifs -V" show version 1.0
Let me know if you need more information.
Gerry.
On Wed, 2008-10-08 at 17:24 -0700, Jeremy Allison wrote:
> On Thu, Oct 09, 2008 at 11:18:49AM +1100, Gerry Marthe wrote:
> > Hi Jeremy,
> >
> > Thanks - that does make sense.
> > Can you tell me then why "/bin/touch" appears immune to the Samba
> > settings?
>
> If you can make the CIFS client violate the
> "forced" settings on the Samba server that's
> a server bug and I'll fix it.
>
> Can you give me a specific example of this
> happening (with Samba and CIFSFS version numbers
> please) ?
>
> Jeremy.
>
>
> ------------------------------------------------------------
>
> This message has been scanned for viruses and dangerous content
> by MailScanner and is believed to be clean.
>
------------------------------------------------------------
This message has been scanned for viruses and dangerous content
by MailScanner and is believed to be clean.
More information about the samba
mailing list