[Samba] Shared drives not writeable

steve steve at steve-ss.com
Thu Jun 20 15:45:03 MDT 2013


On Thu, 2013-06-20 at 15:05 -0400, Chris Nighswonger wrote:
> No takers?
> 
> On Thu, Jun 6, 2013 at 12:04 PM, Chris Nighswonger <
> cnighswonger at foundations.edu> wrote:
> 
> > I am running Samba 3.6.6 on a Ubuntu 12.10 Samba domain member server.
> > Users are authenticated against a Samba DC running 3.6.9 over an LDAP
> > backend. I have a share configured as show below. Members of the
> > 'staff-faculty' group can browse the share, but cannot write files to
> > any subdir for which they are not the owner. It appears that the only
> > reason they can read/traverse is because of o::r-x.
> >
> > What I am looking for is a share where any member of the group may rw,
> > but the various users retain ownership of the files/dirs they create.
> >
> > Here is what the perms, etc. look like:
> >
> > drwxrwxr-x+   2 jdoe         staff-faculty 4.0K Jun  6 09:01 test
> >
> > The acl looks like this:
> >
> > # file: test
> > # owner: jdoe
> > # group: staff-faculty
> > user::rwx
> > group::rwx
> > group:staff-faculty:rwx
> > mask::rwx
> > other::r-x
> >
> > I can post extended debug information, but thought perhaps there is an
> > obvious mistake in my share configuration and so am posting that
> > first.
> >
> > Kind Regards,
> > Chris
> >
> > -------------------
> >
> > [Shared Drives]
> >     comment = Staff-Faculty Shares
> >     path = /netdrives/shared
> >     browsable = yes
> >     read only = no
> >     inherit acls = no
> >     inherit permissions = no
> >     create mask = 0771
> >     directory mask = 2771
> >     valid users = @"CAMPUS\staff-faculty"
> >     write list = @"CAMPUS\staff-faculty"
> >     admin users = @"CAMPUS\Domain Admins"
> >

Hi
OK, I'll have a go.
Either use acls or smb.conf. I've never been able to get a mixture of
both to work. Tidy up:
chgrp -R staff-faculty /netdrives/shared
chmod 0770 /netdrives/shared
chmod g+s /netdrives/shared
setfacl -d -Rm g::rwx /netdrives/shared
set a loose acl for Domain Admins or map them to root

Then just:
[Shared Drives]
path = /netdrives/shared
read only = no
inherit acls = Yes

Worth a try?
Steve





More information about the samba mailing list