[Samba] Samba 4.0.4 : Unable to map unix gid group

francis.dupin at ifsttar.fr francis.dupin at ifsttar.fr
Sun Apr 7 07:28:37 MDT 2013 

Hi, 


I have compiled and installed the stable 4.0.4 version from 
http://ftp.samba.org/pub/samba/stable/samba-4.0.4.tar.gz 




I would like to share directories based only on unix uid and gid, (on Ubunu 12.04LTS) 

To test I have added 2 users to the system and samba (same password) : user1 and user2 
user1 is member of the groups permanentstest and usersbasictest 
user2 is member of the group userbasictest 

Test : 
id user1 
uid=10005(user1) gid=10005(user1) groupes=10005(user1),10010(permanentstest),10013(usersbasictest) 
id user2 
uid=10006(user2) gid=10006(user2) groupes=10006(user2),10013(usersbasictest) 

users added to samba by : 
/usr/local/samba/bin/samba-tool user add user1 
/usr/local/samba/bin/samba-tool user add user2 

I have created 2 directories : 
drwxrwxr-- 2 user1 permanentstest 4096 avril 7 13:04 test1 
drwxrwxr-- 2 user2 usersbasictest 4096 avril 7 13:05 test2 


user1 can access to test1 (matching user and group) 
but user can't access to test2 (but user1 match the group and has rwx group access to test2) 

The test from another Linux workstation : 
/usr/local/samba/bin/smbclient -U user1 //serverIP/shares 
smb: \test2\> dir 
NT_STATUS_ACCESS_DENIED listing \test2\* 


in the log file : 
[2013/04/07 15:13:53.675753, 3] ../source3/smbd/trans2.c:2350(call_trans2findfirst) 
call_trans2findfirst: dirtype = 16, maxentries = 1366, close_after_first=0, close_if_end = 1 requires_resume_key = 1 backup_priv = 0 level = 0x104, max_data_bytes = 65535 
[2013/04/07 15:13:53.675856, 3] ../source3/smbd/vfs.c:1118(check_reduced_name) 
check_reduced_name [test2/*] [/home/shares] 
[2013/04/07 15:13:53.675925, 3] ../source3/smbd/vfs.c:1172(check_reduced_name) 
check_reduced_name: couldn't get realpath for test2/* 
[2013/04/07 15:13:53.675959, 3] ../source3/smbd/filename.c:1377(filename_convert_internal) 
filename_convert_internal: check_name failed for name test2/* with NT_STATUS_ACCESS_DENIED 

I have also tested that user2 can access to test2. 

Any idea ? 

Thank you in advance. 




Below my configuration 


Samba Installed with no particular options : 
./configure 
make 
make install 

then 

/usr/local/samba/bin/samba-tool domain provision 
realm: TEST 
Server Role : standalone 
DNS_backend : SAMBA_INTERNAL 

I have made many and many tests in smb.conf. Last version is : 


smb.conf : 
# Global parameters 
[global] 
workgroup = TEST 
realm = TEST 
netbios name = LIVIC45 
server string = serveur %h (Samba %v, Ubuntu) 
server role = standalone server 
security = user 
encrypt passwords = Yes 
passdb backend = samba_dsdb 
log level = 3 
log file = /var/log/samba/samba.log 
time server = Yes 
domain logons = Yes 
preferred master = Yes 
local master = Yes 
domain master = Yes 
domain logons = Yes 
dns proxy = No 
wins support = No 
lock directory = /var/lock/samba 

[shares] 
comment = share for test 
path = /home/shares 
writeable = Yes 
read only = No 
create mask = 0666 
directory mask = 0777 
inherit permissions = Yes 
guest ok = No 
follow symlinks = Yes 
browsable = Yes

More information about the samba mailing list