[Samba] problem with home share permissions

Giuseppe Arvati giuseppe.arvati at poste.it
Fri Apr 18 02:12:47 MDT 2014


Hi,

I tried to set up home share as described in
https://wiki.samba.org/index.php/Setting_up_a_home_share
( centos 6.5 samba 4.1.7 )
with rsat tool
but
user1 can read and write on user2 folder and vice versa
I think the problem is that the new users folders are created
with rwx permissions for group users
but I do not know how to avoid this.

Thank you


my smb.conf
[global]
         workgroup = APAM-AD
         realm = apam-ad.apam.it
         netbios name = MAINDC
         server role = active directory domain controller
         server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, 
drepl, winbind, ntp_signd, kcc, dnsupdate
         idmap_ldb:use rfc2307 = yes
         map acl inherit = Yes

[netlogon]
         path = /usr/local/samba/var/locks/sysvol/apam-ad.apam.it/scripts
         read only = No

[sysvol]
         path = /usr/local/samba/var/locks/sysvol
         read only = No

[utenti]
         path = /opt/samba4/utenti
         read only = No


I setted up share permission and security for share "utenti"

I created a 1st user with ADUC
and setted up in profile tab
connect to Q:  \\maindc\utenti\user1

the folder "user1" has been created


I created a 2nd user with ADUC
and setted up in profile tab
connect to Q:  \\maindc\utenti\user2

the folder "user2" has been created

[root at maindc utenti]# getfacl user1
# file: user1
# owner: 3000000
# group: users
user::rwx
user:root:rwx
user:3000002:rwx
user:3000003:r-x
user:3000008:rwx
user:APAM-AD\134user1:rwx
group::rwx
group:users:rwx
group:3000000:rwx
group:3000002:rwx
group:3000003:r-x
group:APAM-AD\134Domain\040Admins:rwx
group:3000032:rwx
mask::rwx
other::---
default:user::rwx
default:user:root:rwx
default:user:3000000:rwx
default:user:3000002:rwx
default:user:3000003:r-x
default:user:3000008:rwx
default:user:APAM-AD\134user1:rwx
default:group::rwx
default:group:users:rwx
default:group:3000000:rwx
default:group:3000002:rwx
default:group:3000003:r-x
default:group:APAM-AD\134Domain\040Admins:rwx
default:group:3000032:rwx
default:mask::rwx
default:other::---



More information about the samba mailing list