[Samba] Allowing file permissions changes with mac os x clients.
samba
samba at aio.li
Thu Apr 2 13:53:52 MDT 2015
Hi All,
at work all our clients are macs (10.10 yosemite). We are trying to move
from the classical afp file server to a samba based file server. After a
lot of testing, things now works more or less: a mac server acts as
Kerberos+OpenLDAP and a linux debian 7 box is doing the file server with
samba 4.2.0.
A client which has "joined" (which is bound in mac jargon) the
OpenLDAP/Kerberos (the opendirectory) domain can mount shares and/or
home directories on the samba server, leveraging Kerberos and that is
very nice, thanks to SMB3 being implemented both in samba 4 and in osx
10.10.
Yet their is no way the mac client can change the permissions of a file
whether using the mac "Finder" application or using a classical "chmod".
The former says only "you have custom permissions.", while the later
returns 0 says nothing but changes nothing either. For the sake of the
tests all the shared directories on the samba server are in 777 mode.
I tried vfs_fruit by adding
vfs objects = catia fruit streams_xattr
fruit:resource = file
fruit:metadata = stream
fruit:locking = none
fruit:encoding = native
fruit:aapl = yes
but with no luck (performances are way worse with these lines enabled
when it should be the contrary... did not investigate that yet)
Here is my smb.conf:
[global]
security = ads
encrypt passwords = yes
realm = OD.EXAMPLE.COM
password server = od.example.com
workgroup = OD
kerberos method = dedicated keytab
dedicated keytab file = /etc/krb5.keytab
map to guest = never
obey pam restrictions = no
client min protocol = SMB3
unix extensions = yes
ea support = yes
case sensitive = yes
delete readonly = yes
winbind enum users = no
winbind enum groups = no
[homes]
path = /mnt/users/%u
comment = Home Directory for %U
valid users = %S
read only = no
browseable = no
hide unreadable = yes
hide unwriteable files = yes
Any help would be much appreciated.
Jeremie
More information about the samba
mailing list