[Samba] Can create files from share but only delete as root

David Rericha d.rericha at healthcareoss.com
Tue Jun 26 16:53:45 MDT 2012

Fellow List Members:

After upgrading our server to RHEL 6 from RHEL 5, I discovered that our 
linux clients could create files on the share but not delete them unless 
they first switch to root (su -).
This is very odd to me since the share in question is mounted with the 
non-root user's credentials.  The fstab entry is as follows:

// /mnt/officefiles cifs 
username=joe,password=fakepwd 0 0

Now, the version of samba on the server is 3.5.10 and on the client is 
3.5.4.  I can't upgrade the client w/o difficulty since it is an expired 
distribution (OpenSuSE 11.3).

The smb conf forces full permissions on files and directories.  Here is 
the share:

         force create mode = 777
         create mode = 777
         path = /cool/officefiles
         force directory mode = 777
         directory mode = 777

And, the mount owner also belongs to the cool_users group on the server:

drwxrwxr-x  25 jim    cool_users 4096 Jun 26 14:26 officefiles

Notice, there is no sticky bit on the directory.  Now, if I add the user 
option after installing setuid on /bin/mount and /sbin/mount.cifs, I
can mount the share as joe and delete files to my heart's content. So, I 
am wondering if this is by design so that if I want the user to be able 
to delete from the share,
they need to not only have linux and samba permissions but also be the 
user that mounts the share.  If this is not the design, PLEASE tell me 
what I am missing.  Here is the global section
of the smb.conf for good measure:

         log file = /var/log/samba/%m.log
         load printers = yes
         idmap gid = 16777216-33554431
         socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
         username map = /etc/samba/smbusers
         winbind use default domain = no
         template shell = /bin/false
         dns proxy = no
         oplocks = no
         cups options = raw
         netbios name = cool-server
         delete readonly = yes
         writeable = yes
         server string = Samba Server
         password server = None
         idmap uid = 16777216-33554431
         workgroup = COOL
         os level = 20
         printcap name = /etc/printcap
         create mode = 775
         short preserve case = no
         max log size = 50
         directory mode = 775


David J. Rericha
Project Manager
Open Software Solutions, LLC

More information about the samba mailing list