[Samba] File share permissions act different on member server than on DC

Marc Muehlfeld samba at marc-muehlfeld.de
Sun Oct 13 14:31:33 MDT 2013


a while ago I wrote the 
http://wiki.samba.org/index.php/Setup_and_configure_file_shares HowTo.

When I wrote the HowTo, I setup and configured the share on a DC - what 
still works like described. Today I tried the first time to do exactly 
the same on a 4.0.10 and 4.1.0 _member server_, and it doesn't work there.

The share in smb.conf:
    path = /srv/samba/Demo
    read only = no

The folder in the filesystem (XFS):
drwxr-xr-x   2 root root        6 13. Okt 22:16 /srv/samba/Demo

I connect to the share as Domain Admin, right-click to it and go to the 
"security" tab. Here I see now "everyone" and two "root" entries.
- I click the "edit" button and remove the two "root" entries. When I 
click "apply", everything is reset (the two entries went back".
- If i grant "modify" to "everyone" - where all "allow" entries are 
empty per default and click "apply", then all boxes are checked 
automatically (full access) and "CREATOR OWNER" and "CREATOR GROUP" 
appear. And this two can't be removed as well any more.

If I do exactly the same on a DC, then already the security tab shows on 
the first time I open it very different settings. The wiki screenshot 
shows them: 
http://wikiupload.samba.org/images/8/8f/Demo_Share_Security.png). But 
the folder on Linux side is also just 755 (and without any extended ACLs 
when I begin). Also whatever I change (like remove "root" from the ACLs) 
everything is done like expected and saved.

The member server is also self compiled. I installed all packages on my 
RHEL6 that I have installed on the DC too.

Any idea what could be different on a 4.x member than on a DC? Or did I 
find a bug?


More information about the samba mailing list