[Samba] Cannot delete/write after system update
Bob Bell
b_samba at thebellsplace.com
Sat Apr 25 22:38:04 MDT 2015
After upgrading one of my home servers, and I can no longer delete or
write files via Samba. I would very much appreciate assitance. I will
explain my situation and provide logs for the case of deleting a simple
file.
My configuration is to access my shares as a guest, which should be
mapped to the smbuser Linux account.
To achieve this I have set the following globally:
map to guest = Bad Password ## I added this after the upgrade, to replace "security = share"
guest ok = yes
guest account = smbuser
And the following on my share:
public = yes
writeable = yes
guest ok = yes ## Redundant, I guess
create mask = 0664
directory mask = 6775
My desire is that if a directory is writable by the smbuser group, then
it is writable via Samba. But this is not what I see (since the
upgrade).
If I create a directory owned by smbuser:smbuser with 0777 permissions,
I can upload a file, and delete the same file (using smbclient). The
uploaded file is owned by smbuser:smbuser, confirming (to me) that the
mapping to guest is functioning correctly.
However, if I remove the other write permission (i.e., drop permissions
to 0775), I can no longer delete files or write files. I get an
NT_STATUS_ACCESS_DENIED error.
I'm a seasoned programmer, and I've actually spent hours tried to debug
this, but I am coming up short. I can see that the
NT_STATUS_ACCESS_DENIED is coming from se_access_check(), because the
delete bit is not cleared, but I really lack the context to understand
WHY. I would greatly appreciate your assistance.
I've run through as simple an interaction as I can think of: using
smbclient to attempt to delete a "deleteme" file. I set debug logging
to 10 for this example, and collected a client-specific log. I believe
the key log line may be line 1599:
[2015/04/26 00:07:17.457393, 10, pid=22294, effective(1001, 1001), real(1001, 0)] ../source3/smbd/open.c:171(smbd_check_access_rights)
smbd_check_access_rights: file deleteme requesting 0x10000 returning 0x10000 (NT_STATUS_ACCESS_DENIED)
Note that the smbuser UID is 1001, and the smbuser GID is 1001.
I've uploaded the full log file to http://n01se.net/paste/Kmz for anyone
who would be so kind to offer their expertise.
Thank you in advance,
Bob
More information about the samba
mailing list