[Samba] problem with home share permissions
Giuseppe Arvati
giuseppe.arvati at poste.it
Fri Apr 18 02:12:47 MDT 2014
Hi,
I tried to set up home share as described in
https://wiki.samba.org/index.php/Setting_up_a_home_share
( centos 6.5 samba 4.1.7 )
with rsat tool
but
user1 can read and write on user2 folder and vice versa
I think the problem is that the new users folders are created
with rwx permissions for group users
but I do not know how to avoid this.
Thank you
my smb.conf
[global]
workgroup = APAM-AD
realm = apam-ad.apam.it
netbios name = MAINDC
server role = active directory domain controller
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc,
drepl, winbind, ntp_signd, kcc, dnsupdate
idmap_ldb:use rfc2307 = yes
map acl inherit = Yes
[netlogon]
path = /usr/local/samba/var/locks/sysvol/apam-ad.apam.it/scripts
read only = No
[sysvol]
path = /usr/local/samba/var/locks/sysvol
read only = No
[utenti]
path = /opt/samba4/utenti
read only = No
I setted up share permission and security for share "utenti"
I created a 1st user with ADUC
and setted up in profile tab
connect to Q: \\maindc\utenti\user1
the folder "user1" has been created
I created a 2nd user with ADUC
and setted up in profile tab
connect to Q: \\maindc\utenti\user2
the folder "user2" has been created
[root at maindc utenti]# getfacl user1
# file: user1
# owner: 3000000
# group: users
user::rwx
user:root:rwx
user:3000002:rwx
user:3000003:r-x
user:3000008:rwx
user:APAM-AD\134user1:rwx
group::rwx
group:users:rwx
group:3000000:rwx
group:3000002:rwx
group:3000003:r-x
group:APAM-AD\134Domain\040Admins:rwx
group:3000032:rwx
mask::rwx
other::---
default:user::rwx
default:user:root:rwx
default:user:3000000:rwx
default:user:3000002:rwx
default:user:3000003:r-x
default:user:3000008:rwx
default:user:APAM-AD\134user1:rwx
default:group::rwx
default:group:users:rwx
default:group:3000000:rwx
default:group:3000002:rwx
default:group:3000003:r-x
default:group:APAM-AD\134Domain\040Admins:rwx
default:group:3000032:rwx
default:mask::rwx
default:other::---
More information about the samba
mailing list