[Samba] ARGH... once again samba causes "permission" errors.

[David Whitney]

Jeff,

I'm no expert, but my understanding is that the FORCE USER and FORCE GROUP
configuration statements only define the *ownership* of created files,  not
who is allowed to create them. My inference from your post suggests that
might be what you're expecting - apologies if that's not correct.

May be a naive suggestion, but I'd try the following:

To the share definition, add

"guest ok = no"
"write list = nas"

Also, when browsing the server (not the share) from your Windows client, see
if the share appears in the list of server-shared resources. If it does,
right-click and check the properties of the share and let it tell you who
*it* thinks owns the share/has permissions to it. That might be some helpful
info. If not, my apologies.

-David



On Sat, May 29, 2010 at 3:21 AM, Jeff Wiegley <jeffw at csun.edu> wrote:

> I've been doing unix sys. admin for nearly 20 years and yet EVERY single
> time I have to setup samba I have configuration problems.
>
> Before we start let's clear up some common misunderstandings: I have
> googled for the answer. I have spent the last six hours doing so and trying
> various "suggestions". Most of these suggestions point to solutions
> involving chown or chmod.  These are not the problems (or I will be
> very surprised).
>
> # cat /etc/samba/smb.conf
> [global]
>        workgroup = CYTE.COM
>        server string = CyteNAS
>        netbios name = NAS
>        hosts allow = 127., 10.0.10.
>
> [nas]
>        comment = NAS
>        path = /mnt/nas
>        force user = nas
>        force group = nas
>        read only = No
>
> # cat /etc/samba/smbpasswd
> nas:500:75891A0CAAF2F9828AE88C0FE87091EF:E8C4E8E10FEE888764D18AD4A0AC61F5:[U
>          ]:LCT-4C00625E:
>
> # grep nas /etc/passwd
> nas:x:500:500::/mnt/nas:/bin/bash
>
> # grep nas /etc/group
> nas:x:500:
>
> # ls -al /mnt/nas
> total 16
> drwxrwxrwx 2 nas  nas  4096 May 28 17:01 .
> drwxrwxrwx 3 root root 4096 May 28 15:04 ..
>
> So before you tell me about "permission" problems please note the following
>  1) The permissions on all the files is 777... EVERYBODY can do anything.
>  2) samba IS configured to force the user and group to the owner of the
> share
>      path anyways.
>  3) The group and user exist and they have their passwords configured
>       correctly.
>
> I can map the share on my Windows 7 workstation. But any attempt to
> create anything yields a pop-up window that says:
>
> "You need permission to perform this action"
>                              nas(\\NAS)
>                              Space free: 89.7 GB
>                              Total size: 97.0 GB
>
> Why am I getting ANY permission problems??? Frankly. I don't think it is
> a permission problem. (I set log level to 10; the output is long so I won't
> include it because I looked through it and didn't see any errors reported
> or any mention of permission denied.)
>
> GRRRRRRR!
>
> It gets worse. a 90GB NAS storage is pretty useless. The NAS is actually
> a 6TB Raid5 array with an XFS filesystem. But if I actually mount it....
>
> # /etc/init.d/smb stop
> # mount /mnt/nas
> # ls -al /mnt/nas
> total 8
> drwxrwxrwx 2 nas  nas     6 May 28 18:11 .
> drwxrwxrwx 3 root root 4096 May 28 15:04 ..
>
> see... no difference in permissions or ownership but now it is a mount
> point.
>
> Now I can't even map the samba share at all. All I get is a window
> that says:
>
>   "Attemping to connect to \\NAS\nas"
>          (Cancel)
>
> And it never seems to go away.
>
> and yes, under both cases I can simply login as the user nas via
> ssh and touch/mkdir or do anything I want and the files get created
> just fine. Frankly I think this is another case of Windows presenting
> the user with a misleading diagnostic "Permission" problem when
> something much more fundamental is going wrong with Samba.
>
> Please help.
>
> - Jeff
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>