[Samba] 'x' bit always set?

NdK ndk.clanbo at gmail.com
Thu Aug 2 06:12:26 MDT 2012 

Il 02/08/2012 13:50, Jonathan Buzzard ha scritto:

> Have you verified that you are storing DOS attributes in extended
> attributes, something like this on the server
> 
> [root at nabak Pictures]# getfattr -d Thumbs.db
> # file: Thumbs.db
> user.DOSATTRIB=0sMHgyNgAAAwADAAAAEQAAACYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIASVa5FHs0BAAAAAAAAAAA=
Yup. As written in the message before the quoted one:

root at str00160-samba:/srv/shared/PERSONALE# getfattr -d diego.zuccato/*
# file: diego.zuccato/index.html
user.DOSATTRIB=0sMHgyMAAAAwADAAAAEQAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcWNMuJcM0BAAAAAAAAAAA=

> Note the lack of "map hidden = no" in my original reply was down to cut
> and paste error out of my smb.conf
I added it.
My smb.conf (stripped to the homes definition) is:
-8<--
[global]
    workgroup = PERSONALE
    realm  = PERSONALE.DIR.UNIBO.IT
    server string = Shares for Astronomy Dept.
    netbios name = STR00160-SAMBA
    security = ADS
    encrypt passwords = true
    password server = personale.dir.unibo.it
    log file = /var/log/samba/log.%m
    log level = 0
    max log size = 50
    socket options = TCP_NODELAY SO_RCVBUF=32768 SO_SNDBUF=32768
    local master = No
    dns proxy = No
    wins server = 137.204.25.77

    # Should fix instability of name resolution (gid-to-name)
    client schannel = no

    # Unix extensions give troubles with permissions from Mac clients
    unix extensions = no
    wide links = no

    # We need a local user for str00160-web
    auth methods = guest sam winbind:ntdomain

    #winbind separator = -
    winbind enum users = No
    winbind enum groups = No
    winbind offline logon = Yes
    winbind nested groups = Yes
    winbind normalize names = Yes
    winbind refresh tickets = Yes
    winbind use default domain = yes
    idmap backend = tdb
    idmap uid = 10000-99999
    idmap gid = 10000-99999
    idmap config PERSONALE : backend = rid
    idmap config PERSONALE : base_rid  = 500
    idmap config PERSONALE : range = 100000 - 49999999
    idmap config STUDENTI : backend = rid
    idmap config STUDENTI : base_rid  = 500
    idmap config STUDENTI : range = 50000000 - 99999999
    template homedir = /srv/shared/%D/%U
    template shell = /bin/bash

    # Don't show a "printers" icon when browsing the server
    show add printer wizard = no
    load printers = no
    printing = bsd
    printcap name = /dev/null
    disable spoolss = yes

[homes]
    comment = Home Directories

    # Standard options for homes
    browseable = no
    read only = no
    create mask = 0600
    directory mask = 0711

    # Fix reported capacity
    block size = 4096

    # Use ACL to store attributes
    acl group control = Yes
    inherit acls = Yes
    ea support = Yes
    store dos attributes = yes
    dos filemode = yes
    map hidden = no
    map system = no
    map archive = no
    map readonly = no

    # I want users to be able to sare their data...
    #valid users = %D\%S
    path = /srv/shared/%D/%S

    # Equivalent of pam_mkhomedir, but more versatile
    root preexec = /opt/checklogon '%S' '%H' '%u' '%P' '%D' '%U'
-8<--

Didn't yet try to "tune" it too much... Is there something evidently wrong?

Could "create mask" be connected to the wrong permissions I see (not the
main "x bit set" issue, the other)? Is there a tutorial eplaining how
does ACLs and EAs interact with Samba?

BYtE,
 Diego.

More information about the samba mailing list