[Samba] Cannot delete/write after system update

Bob Bell b_samba at thebellsplace.com
Sat Apr 25 22:38:04 MDT 2015

After upgrading one of my home servers, and I can no longer delete or 
write files via Samba.  I would very much appreciate assitance.  I will 
explain my situation and provide logs for the case of deleting a simple 

My configuration is to access my shares as a guest, which should be 
mapped to the smbuser Linux account.

To achieve this I have set the following globally:
  map to guest = Bad Password ## I added this after the upgrade, to replace "security = share"
  guest ok = yes
  guest account = smbuser

And the following on my share:
  public = yes
  writeable = yes
  guest ok = yes ## Redundant, I guess
  create mask = 0664
  directory mask = 6775

My desire is that if a directory is writable by the smbuser group, then 
it is writable via Samba.  But this is not what I see (since the

If I create a directory owned by smbuser:smbuser with 0777 permissions, 
I can upload a file, and delete the same file (using smbclient).  The 
uploaded file is owned by smbuser:smbuser, confirming (to me) that the 
mapping to guest is functioning correctly.

However, if I remove the other write permission (i.e., drop permissions 
to 0775), I can no longer delete files or write files.  I get an 

I'm a seasoned programmer, and I've actually spent hours tried to debug 
this, but I am coming up short.  I can see that the 
NT_STATUS_ACCESS_DENIED is coming from se_access_check(), because the 
delete bit is not cleared, but I really lack the context to understand 
WHY.  I would greatly appreciate your assistance.

I've run through as simple an interaction as I can think of: using 
smbclient to attempt to delete a "deleteme" file.  I set debug logging 
to 10 for this example, and collected a client-specific log.  I believe 
the key log line may be line 1599:

[2015/04/26 00:07:17.457393, 10, pid=22294, effective(1001, 1001), real(1001, 0)] ../source3/smbd/open.c:171(smbd_check_access_rights)
  smbd_check_access_rights: file deleteme requesting 0x10000 returning 0x10000 (NT_STATUS_ACCESS_DENIED)

Note that the smbuser UID is 1001, and the smbuser GID is 1001.

I've uploaded the full log file to http://n01se.net/paste/Kmz for anyone 
who would be so kind to offer their expertise.

Thank you in advance,

More information about the samba mailing list