[Samba] group permissions broken after upgrade 3.2.5 -> 3.4.8: deleting of files denied

Jeremy Allison jra at samba.org
Mon Jun 14 16:00:38 MDT 2010


On Mon, Jun 14, 2010 at 12:59:54AM +0200, Marc Schiffbauer wrote:
> Hi,
> 
> I am having a problem with group permissions after Samba upgrade.
> 
> On one share there are several directorries owned by different
> users.
> 
> No posix acl or user_xattr on the filesystem so far.
> 
> Samba is configured so that directory permission is always 0770 and
> file permission is always 0660: any user in the domain can do
> anything with the files and directories (all users have the same
> primary group which is the same as the file and dir group).
> 
> That worked very well until the upgrade. Users could do anything
> within the share: create, modify and delete files and directories.
> 
> Now after the upgrade delete operations on files do not work anymore 
> until a user owns the parent directory or has world write access to
> it (windows client (XP SP2) gets a permission denied error).
> 
> This is strange because a user can still create files within a dir
> that he does not own, so this can only be permitted by group permission, 
> but deleting the same file gives a permission denied.
> 
> What might cause this? Is this a known bug in samba 3.4.8?

Log a bug and post a debug level 10 log of the delete operation.
Internally smbd now converts the POSIX ACL into a Windows ACL
and tests for DELETE access availability for the logged in user
and group list.

Jeremy.


More information about the samba mailing list