[Samba] Can't get 'dos filemode' to work as expected
Felix Brack
fb at ltec.ch
Mon Apr 4 01:31:18 MDT 2011
On 03.04.2011 17:24, TAKAHASHI Motonobu wrote:
> From: Felix<fb at ltec.ch>
> Date: Wed, 30 Mar 2011 17:05:53 +0000 (UTC)
>
>> On Fri, 25 Mar 2011 22:43:38 +0900, TAKAHASHI Motonobu wrote:
>>
>>> From: Felix Brack<fb at ltec.ch>
>>> Date: Thu, 24 Mar 2011 10:09:53 +0100
>>>
>>>> After an upgrade to samba 3.5.8 (from 3.2.5) the option 'dos filemode'
>>>> does not seem to work anymore. If I (as a user) do not own the file I
>>>> can't change permissions.
> (snip)
>> I just double checked but the problem remains: I can do things if the
>> share is owned by myself ('felix') but not if it is owned by 'root'
if me
>> having access by being a member of supplementary group 'Development'.
>>
>> Using debug level 3 on the samba server I found this:
> (snip)
>
> Please show the minimum set to reproduce for example smb.conf
> including [global] section.
>
My minimum set is not really small but all settings related to the role
of the server and to LDAP are irrelevant when it comes to the problem I
am investigating (at least I think they are irrelevant!?). Anyway, here
is my entire global:
[global]
### Naming, domain and browesing ###
workgroup = LTEC
netbios name = Jupiter
server string = TEST Samba %v server
domain master = yes
preferred master = yes
os level = 65
domain logons = yes
logon path = \\%L\Profiles\%U\%m\%a
logon drive = H:
### Interfaces to listen on ###
interfaces = eth0 127.0.0.0/8
bind interfaces only = true
### Logging configuration ###
log file = /var/log/samba/log.%m
max log size = 1000
syslog = 0
log level = 3
### Authentication ###
passdb backend = ldapsam:ldap://localhost
ldap admin dn = "uid=srv-user,dc=ltec,dc=ch"
ldap delete dn = yes
ldap suffix = dc=ltec,dc=ch
ldap user suffix = ou=users
ldap group suffix = ou=groups
ldap machine suffix = ou=computers
ldap idmap suffix = ou=idmap
ldap ssl = off
ldap passwd sync = yes
obey pam restrictions = yes
### Users, groups and machines administration ###
add user script = /usr/sbin/smbldap-useradd -m "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
add machine script = /usr/sbin/smbldap-useradd -w -i "%u"
delete user from group script = //usr/sbin/smbldap-groupmod -x
"%u" "%g"
delete user script = /usr/sbin/smbldap-userdel "%u"
delete group script = /usr/sbin/smbldap-groupdel "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
passwd program = /usr/sbin/smbldap-passwd -u %u
### Misc global options ###
wins support = yes
time server = yes
remote announce = 172.27.22.1
remote browse sync = 172.27.22.1
dns proxy = no
unix charset = 850
### Printing ###
load printers = no
disable spoolss = yes
printcap name = /dev/null
### Disable user shares
usershare max shares = 0
### Include the file-share definitions ###
include = /etc/samba/smbfs.conf
### !!! TESTING !!!
include = /etc/samba/smbfs-test.conf
The include file 'smbfs.conf' holds the share definitions in use. To
keep it simple for testing I created a new include file defining just
the one share on which I run all tests; this include file is called
'smbfs-test.conf' and contains the following:
[testshare]
comment = Only use this shre for samba testing !
path = /srv/samba/file-shares/testshare
browseable = yes
read only = no
invalid users = root administrator
delete readonly = yes
inherit owner = yes
force group = Development
dos filemode = yes
> As I showed in my previous mail, in order to reproduce, I set the
> empty [global] section.
>
I agree that it is best to have an empty [global] to track down such a
problem but as I am using LDAP that is not really possible. This is why
I posted my entire [global]. Do you see anything there that might
explain my problem?
By the why, 'id felix' returns the following:
uid=1000(felix) gid=513(Domain Users)
groups=1004(Management),1005(Development),1007(EETS),513(Domain Users)
which is exactly what I like it to be.
> And what is your platform? / The shared file path is located locally?
>
The server is a a 64Bit Debian GNU/Linux 6.0 (Sqeeze) with kernel
2.6.32. The entire server is a KVM guest. The KVM host is a multicore
XEON system providing a soft RAID-5 disk system for the guests.
Felix
More information about the samba
mailing list