[Samba] Can't get 'dos filemode' to work as expected

Felix fb at ltec.ch
Wed Mar 30 11:05:53 MDT 2011 

On Fri, 25 Mar 2011 22:43:38 +0900, TAKAHASHI Motonobu wrote:

> From: Felix Brack <fb at ltec.ch>
> Date: Thu, 24 Mar 2011 10:09:53 +0100
> 
>> After an upgrade to samba 3.5.8 (from 3.2.5) the option 'dos filemode'
>> does not seem to work anymore. If I (as a user) do not own the file I
>> can't change permissions.
>> 
>> I am user 'felix' and member of supplementary group 'Development'. To
>> test things I use the following share definition:
>> 
>> [Temp]
>>          path = /srv/samba/file-shares/tmp
>>          browseable = yes
>>          read only = no
>>          invalid users = root administrator
>>          delete readonly = yes
>>          inherit owner = yes
>>          force group = Development
>>          dos filemode = yes
>> 
>> A 'getfacl' on /srv/samba/file-shares/tmp returns:
>> 
>> # file: srv/samba/file-shares/tmp
>> # owner: root
>> # group: root
>> # flags: -s-
>> user::rwx
>> group::r-x
>> group:Development:rwx
>> mask::rwx
>> other::---
>> default:user::rwx
>> default:group::r-x
>> default:group:Development:rwx
>> default:mask::rwx
>> default:other::---
> 
> As far as I examined, "dos filemode" works file at Samba 3.5.8.
> 
> I connect to \\lenny5\aclshare2a and can change the other's permission
> (same as running "chmod o+r test2.txt").
> 
> Here is my settings:
> 
> -----
> lenny5:/var/lib/samba/shares# cat /usr/local/samba/lib/smb.conf [global]
> 
> [aclshare2]
>   path = /var/lib/samba/shares/aclshare2 writeable = yes
> 
>   force group = root
>   inherit permissions = yes
>   dos filemode = yes
> 
>   store dos attributes = yes
>   map archive = no
>   map read only = no
> 
> [aclshare2a]
>   path = /var/lib/samba/shares/aclshare2
>           browseable = yes
>           read only = no
>           invalid users = root administrator
>           delete readonly = yes
>           inherit owner = yes
>           force group = Development
>           dos filemode = yes
> -----
> 
> Both for aclshare2 and aclshare2a Samba works fine.
> 
> lenny5:/var/lib/samba/shares# /usr/local/samba/sbin/smbd -V Version
> 3.5.8
> 
> lenny5:/var/lib/samba/shares# getfacl aclshare2/ # file: aclshare2/
> # owner: root
> # group: root
> user::rwx
> group::r-x
> group:Development:rwx
> mask::rwx
> other::---
> default:user::rwx
> default:group::r-x
> default:group:Development:rwx
> default:mask::rwx
> default:other::---
> 
> lenny5:/var/lib/samba/shares# getfacl aclshare2/test2.txt # file:
> aclshare2/test2.txt
> # owner: root
> # group: root
> user::rw-
> group::rw-
> group:Development:rwx
> mask::rwx
> other::r--
> 
> lenny5:/var/lib/samba/shares# id monyo uid=1000(monyo) gid=100(users)
> groups=100(users),1016(Development)
> 
> ---
> TAKAHASHI Motonobu <monyo at samba.gr.jp>

Many thanks for your response.

I just double checked but the problem remains: I can do things if the 
share is owned by myself ('felix') but not if it is owned by 'root' if me 
having access by being a member of supplementary group 'Development'.

Using debug level 3 on the samba server I found this:

[2011/03/30 18:21:38.525408,  3] smbd/process.c:1298(switch_message)
  switch message SMBtrans2 (pid 31379) conn 0x7fe6ffbecf50
[2011/03/30 18:21:38.525427,  3] smbd/trans2.c:7722
(call_trans2setfilepathinfo)
  call_trans2setfilepathinfo(8) test-root/.svn (fnum 13314) 
info_level=1004 totdata=40
[2011/03/30 18:21:38.525453,  3] smbd/trans2.c:7320
(smbd_do_setfilepathinfo)
  smbd_do_setfilepathinfo: test-root/.svn (fnum 13314) info_level=1004 
totdata=40
[2011/03/30 18:21:38.525487,  3] smbd/dosmode.c:166(unix_mode)
  unix_mode(test-root/.svn) returning 0775
[2011/03/30 18:21:38.525527,  3] smbd/vfs.c:881(check_reduced_name)
  check_reduced_name [test-root/.svn] [/srv/samba/file-shares/testshare]
[2011/03/30 18:21:38.525561,  3] smbd/vfs.c:1038(check_reduced_name)
  check_reduced_name: test-root/.svn reduced to /srv/samba/file-shares/
testshare/test-root/.svn
[2011/03/30 18:21:38.525625,  3] smbd/dosmode.c:166(unix_mode)
  unix_mode(test-root/.svn) returning 0764
[2011/03/30 18:21:38.525653,  3] smbd/vfs.c:881(check_reduced_name)
  check_reduced_name [test-root/.svn] [/srv/samba/file-shares/testshare]
[2011/03/30 18:21:38.525684,  3] smbd/vfs.c:1038(check_reduced_name)
  check_reduced_name: test-root/.svn reduced to /srv/samba/file-shares/
testshare/test-root/.svn
[2011/03/30 18:21:38.525720,  3] smbd/open.c:461(open_file)
  Error opening file test-root/.svn (NT_STATUS_FILE_IS_A_DIRECTORY) 
(local_flags=1) (flags=1)

The subdirectory '.svn' is created and has correct mode (0775, i.e. rwx 
for the group). Somewhat later a call to 'unix_mode' returns 0764 (i.e. rw- 
for th group). Now things fail because a directory should have the x flag 
set so it can be browsed, correct?
Does anybody understand why the mode of directory '.svn' gets changed at 
all?

Felix

More information about the samba mailing list