[Samba] "force user" option with NT4 domain
Bowie Bailey
Bowie_Bailey at BUC.com
Fri Oct 17 12:51:33 MDT 2014
On 10/17/2014 2:39 PM, Rowland Penny wrote:
> On 17/10/14 19:32, Bowie Bailey wrote:
>> On 10/17/2014 2:25 PM, steve wrote:
>>> On 17/10/14 20:14, Bowie Bailey wrote:
>>>> On 10/17/2014 1:02 PM, steve wrote:
>>>>> On 17/10/14 18:20, Bowie Bailey wrote:
>>>>> it doesn't make them readable by
>>>>>> whichever user happens to connect unless I also change the
>>>>>> permissions
>>>>>> to 777.
>>>>> What is the acl on the share?
>>>> I have not intentionally set any acls.
>>>>
>>> Sorry mate. We can't guess.
>> Let me be a bit clearer. I have not set any acls on the files and I
>> do not know how to either set the acls or list them. If you give me
>> the command to show the acls, I'll take a look.
>>
>> Since I was the one who set up the original file share, there should
>> not be any acls unless they were created automatically in some way.
>>
> OK, make sure that you have the 'attr' package installed and then run
> 'getfacl /home/shares/public/public' , post the output of this command.
# getfacl /home/shares/public/public
getfacl: Removing leading '/' from absolute path names
# file: home/shares/public/public
# owner: pcguest
# group: pcguest
user::rwx
group::r-x
other::r-x
I also created a brand new share as a test case with the exact same results:
[test]
path = /home/shares/test
public = yes
writeable = yes
browseable = yes
force user = pcguest
# getfacl /home/shares/test
getfacl: Removing leading '/' from absolute path names
# file: home/shares/test
# owner: pcguest
# group: pcguest
user::rwx
group::rwx
other::rwx
It doesn't seem to be related to file permissions. If the permissions
are wrong, I get "access denied". I only see the error about the
security ID structure when the I add the "force user" option to the share.
--
Bowie
More information about the samba
mailing list