[Samba] (force) create mode not instantly applied

alexr samba.x.pastagod at spamgourmet.com
Mon Aug 16 13:52:01 MDT 2010


if I connect from a winxp machine to my samba share and create a new 
file, it does not get the permissions specified by "create mask" and 
"force create mode" at first. Only after I modify the permissions on the 
client, the file finally gets the right permissions on the server. 
Thereby it does not matter what I change on the client, even if I remove 
all access rights. After clicking OK, the permissions of the file would 
be set to the specified (force) create mode and cannot be changed from 
the client any more.

- connect to samba share from winxp
- create file "test.txt" from client
- file gets "rw--w----", but should get "rw-rw-r--" (664, see smb.conf)
- edit file permissions from winxp, e.g. delete all; click OK
- file now has "rw-rw-r--" on the server
- view permissions again in winxp; correctly mapped; cannot be altered

It's the same thing for creating directories (except that the initial 
permissions differ).
When connecting from a linux client, the permissions are set correctly 
on file creation. I haven't tried microsoft clients other than WinXP yet.

Any ideas how to make samba set the desired permissions right on file 
creation, without manual intervention?

Here's my config:


     WinXP Prof. SP3


     OpenSUSE 11.1
     Samba 3.5.4-1.1-2382-SUSE-CODE11


     server string = samba %h
     workgroup = MNS_SVR1
     encrypt passwords = Yes
     printing = cups
     printcap name = cups
     printcap cache time = 750
     cups options = raw
     map to guest = Bad User
     logon path = \\%L\profiles\.msprofile
     logon home = \\%L\%U\.9xprofile
     logon drive = P:
     usershare allow guests = No
     local master = Yes
     netbios name = MNSSVR1
     os level = 65
     passdb backend = tdbsam
     security = user
     wins support = No
     pam password change = Yes
     passwd program = /usr/bin/passwd %u
     passwd chat debug = Yes
     passwd chat timeout = 4
     unix password sync = Yes
     client lanman auth = No
     client plaintext auth = No
     invalid users = root @wheel
     obey pam restrictions = Yes

     path = /data/samba-shares/share1
     read only = No
     valid users = @share-access
     read list = @share-access
     write list = @share-write-access
     security mask = 0664
     force security mode = 0664
     create mode = 0664
     force create mode = 0664
     directory mask = 0775
     force directory mode = 0775
     directory security mask = 0775
     force directory security mode = 0775
     force group = share-write-access
     browseable = Yes
     writable = Yes
     map archive = No
     map hidden = No
     map readonly = No
     vfs objects = scannedonly
     scannedonly:domain_socket = True
     scannedonly:socketname = /var/lib/scannedonly/scannedonly-socket


More information about the samba mailing list