[Samba] User cannot get into own directory with 700 permissions

Colin Fowler cfowler at scss.tcd.ie
Fri Jun 15 04:02:24 MDT 2012 

If I create a directory with 700 permissions owned by me with the group 
set to my primary group I *cannot* get into the directory from my 
windows machine. I can of course get into it from unix

If however I set the mode to 740, I can get into it from windows

Samba version is 3.6.5 running on Debian squeeze and is installed from 
the backports repository. Below is a snippet of the log file at log 
level 5 from when I try to access the directory "700_dir_cfowler_staff"

any help much appreciated!


[2012/06/15 10:24:25.700630,  3] smbd/process.c:1467(switch_message)
   switch message SMBntcreateX (pid 5978) conn 0x7fab011282a0
[2012/06/15 10:24:25.700932,  4] smbd/uid.c:351(change_to_user)
   Skipping user change - already user
[2012/06/15 10:24:25.701045,  5] smbd/filename.c:257(unix_convert)
   unix_convert called on file "test2/700_dir_cfowler_staff"
[2012/06/15 10:24:25.701178,  5] smbd/files.c:126(file_new)
   allocated file structure 10381, fnum = 14477 (3 used)
[2012/06/15 10:24:25.701296,  3] smbd/dosmode.c:159(unix_mode)
   unix_mode(test2/700_dir_cfowler_staff) returning 0740
[2012/06/15 10:24:25.701445,  4] smbd/open.c:2069(open_file_ntcreate)
   calling open_file with flags=0x0 flags2=0x0 mode=0740, access_mask = 
0x81, open_access_mask = 0x81
[2012/06/15 10:24:25.701655,  5] smbd/files.c:464(file_free)
   freed files structure 14477 (2 used)
[2012/06/15 10:24:25.701770,  5] smbd/open.c:2597(open_directory)
   open_directory: opening directory test2/700_dir_cfowler_staff, 
access_mask = 0x81, share_access = 0x7 create_options = 0x0, 
create_disposition = 0x1, file_attributes = 0x10
[2012/06/15 10:24:25.701960,  3] smbd/error.c:81(error_packet_set)
   error packet at smbd/error.c(161) cmd=162 (SMBntcreateX) 
NT_STATUS_ACCESS_DENIED

[global]
     workgroup = FOO
     realm = FOO.BAR.COM
     interfaces = eth0, lo
     bind interfaces only = Yes
     security = DOMAIN
     log file = /var/log/samba/samba.log.%m
     unix extensions = No
     idmap config * : backend = tdb
     wide links = Yes
     log level = 5
[homes]
     comment = Home directories (%h)
     read only = No
     create mask = 0750
     browseable = No

More information about the samba mailing list