[Samba] Changing groups on files
Paul
psarmstr at gmail.com
Thu Dec 17 14:01:00 MST 2009
We have a Samba install connected up to LDAP and all works fine until
we try to change the group on a file or directory
and get permission denied (changing permissions works fine).
The underlying filesystem does not know about POSIX ACLs and while I
would have thought "acl schemes = unix" would
do the trick, it doesn't seem to. Ideas?
What I'm doing on the Windows side is:
create a file
properties->security->edit
* select the group and remove it
* select add and type in another group
* click ok and get a permission denied error
Environment:
Linux 2.6.30.9 on Debian Lenny
Samba 3.3.6 and 3.4.2 (both via Debian backports)
Underlying filesystem is POSIX compliant but does not support the
POSIX ACL draft.
Client is Windows 7
Config:
[global]
workgroup = ZZ-7
server string = %h server
dns proxy = no
client plaintext auth = yes
client lanman auth = yes
interfaces = eth0,eth1
log file = /var/log/samba/log.%m
log level = 10
max log size = 1000
syslog = 1
panic action = /usr/share/samba/panic-action %d
security = user
encrypt passwords = true
passdb backend = ldapsam:"ldaps://localhost:636"
ldap ssl = off
ldap suffix = dc=sub,dc=company,dc=com
ldap user suffix = ou=people
ldap group suffix = ou=group
ldap admin dn = cn=auth,dc=ops,dc=company,dc=com
obey pam restrictions = yes
invalid users = root
map to guest = Never
restrict anonymous = 2
unix password sync = no
passwd program =
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
[share]
path = /mnt/share
valid users =
writable = yes
read only = no
printable = no
fstype = Samba
hide dot files = no
guest ok = no
create mask = 0660
directory mask = 0770
acl schemes = unix
Thanks,
Paul
--
It's time to finish going metric.
http://gometric.us
More information about the samba
mailing list