[Samba] Can create files from share but only delete as root

David Rericha d.rericha at healthcareoss.com
Thu Aug 2 13:01:38 MDT 2012 

I solved this problem with the help of RedHat Linux support.  With the 
newer versions of CUPS, it is necessary to specify the uid and gid as a 
local user and group respectively in order to delete from the share.

Thanks,

David J. Rericha
Project Manager
Open Software Solutions, LLC
(W) 563-884-4010
(C) 563-650-5446


On 06/26/2012 05:53 PM, David Rericha wrote:
> Fellow List Members:
>
> After upgrading our server to RHEL 6 from RHEL 5, I discovered that 
> our linux clients could create files on the share but not delete them 
> unless they first switch to root (su -).
> This is very odd to me since the share in question is mounted with the 
> non-root user's credentials.  The fstab entry is as follows:
>
> //192.168.1.2/officefiles /mnt/officefiles cifs 
> username=joe,password=fakepwd 0 0
>
> Now, the version of samba on the server is 3.5.10 and on the client is 
> 3.5.4.  I can't upgrade the client w/o difficulty since it is an 
> expired distribution (OpenSuSE 11.3).
>
> The smb conf forces full permissions on files and directories.  Here 
> is the share:
>
> [officefiles]
>         force create mode = 777
>         create mode = 777
>         path = /cool/officefiles
>         force directory mode = 777
>         directory mode = 777
>
> And, the mount owner also belongs to the cool_users group on the server:
>
> drwxrwxr-x  25 jim    cool_users 4096 Jun 26 14:26 officefiles
>
> Notice, there is no sticky bit on the directory.  Now, if I add the 
> user option after installing setuid on /bin/mount and /sbin/mount.cifs, I
> can mount the share as joe and delete files to my heart's content. So, 
> I am wondering if this is by design so that if I want the user to be 
> able to delete from the share,
> they need to not only have linux and samba permissions but also be the 
> user that mounts the share.  If this is not the design, PLEASE tell me 
> what I am missing.  Here is the global section
> of the smb.conf for good measure:
>
> [global]
>         log file = /var/log/samba/%m.log
>         load printers = yes
>         idmap gid = 16777216-33554431
>         socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
>         username map = /etc/samba/smbusers
>         winbind use default domain = no
>         template shell = /bin/false
>         dns proxy = no
>         oplocks = no
>         cups options = raw
>         netbios name = cool-server
>         delete readonly = yes
>         writeable = yes
>         server string = Samba Server
>         password server = None
>         idmap uid = 16777216-33554431
>         workgroup = COOL
>         os level = 20
>         printcap name = /etc/printcap
>         create mode = 775
>         short preserve case = no
>         max log size = 50
>         directory mode = 775
>
> Thanks.
>

More information about the samba mailing list