[Samba] Samba 4, setgid & new file permissions

[Tomáš Králík]

Hello everybody,

I have a server with CentOS 6.5 (kernel version 
2.6.32-431.5.1.el6.x86_64) and Samba version 4.2.0pre1-GIT-4daf7d4. I am 
using this server as a PDC and so far everything is working quite alright.

However, I have a problem with permissions of files I want to share. 
Mostly it is working well. Samba respects group memberships, including 
supplementary groups, ownership, etc. The only problem is that Samba is 
not honoring the setgid bit. When I create a file or directory in 
Windows, it belongs to the user who created it and the group they have 
as their primaryGroupID attribute, even though the directory has the 
setgid bit set. When I create the file using a shell command, the right 
group ownership is set. Does anyone know any solution for this problem?

I am sharing a directory which is mounted as NFS on the PDC. The 
fileserver's OS is SLES. However, I also tried to share some local 
directory, set the setgid bit and the result was the same.

And one more, less important problem. When I create a file in a shared 
directory from Windows in a directory that has been previously created 
in Linux, the permissions of the new file respect the mask set in 
smb.conf. However, when I create a file in a directory that has been 
created in Windows, the execution bit is set and ACLs are created. Is it 
possible to configurate the permissions to honor the mask in the config 
so the exec bit does not get set? I hope it is not too confusing.

The share config in smb.conf is very simple.

[data]
         path = /data
         read only = No
         create mask = 660
         directory mask = 2770

Thank you very much in advance.

Tomas Kralik