[Samba] Samba4 not able to write to group writeable folder???
roland.schwingel at onevision.com
Wed Aug 5 12:52:46 UTC 2015
With samba4 I sometimes feel like a bloody beginner even I use samba
Miracle of the day: Users connecting using samba4 cannot write to group
writeable folders even they should be able to.
I upgraded one 3.6 fileserver to 4.2.3. PDC is always a samba 4.2.3
instance. I am using samba4 in classic PDC mode for a couple of reasons.
On my fileserver I have a folder called /TestData. It looks like this:
drwxr-xr-x 39 testdata testdata 4096 Aug 5 10:55 .
drwxr-xr-x 34 root root 4096 Aug 4 21:23 ..
drwxrwsr-x 12 testdata testdata 4096 Aug 5 14:20 0-9
drwsrwsr-x 211 testdata testdata 12288 Aug 5 12:21 A
drwxrwsr-x 185 testdata testdata 12288 Jul 8 15:39 B
drwxrwsr-x 166 testdata testdata 4096 Jun 26 13:18 C
drwxrwsr-x 35 testdata testdata 4096 Jun 12 08:15 X
drwxrwsr-x 12 testdata testdata 4096 Jun 20 2014 Y
drwxrwsr-x 49 testdata testdata 4096 Aug 5 10:57 Z
/TestData shall only be writeable by members of group testdata.
And only the subfolders shall be writeable not the root folder.
When a user belonging to the group testdata writes to one of these
subfolders (eg. A) under linux everything is fine. Other users are
blocked. So permissions are setup correctly.
With Samba3 this is the case also for windows users belonging to
testdata group. Not with samba4. Users belonging to testdata are *NOT*
allowed to write to *any* subfolder. Reading is ok. All users that
should write to TestData are member of the unix group testdata but not
as primary group.
My samba4 smb.conf
unix charset = UTF-8
workgroup = MYDOM
server string = Fileserver HOG
interfaces = eth0
bind interfaces only = Yes
security = DOMAIN
load printers = no
map to guest = Never
# log level = 1
log file = /usr/local/samba/var/log.%m
max log size = 500
name resolve order = host bcast
unix extensions = No
hide dot files = No
csc policy = disable
strict locking = No
wide links = Yes
# Workaround to make all .exe executable
acl allow execute always = True
comment = TestData
path = /TestData
read only = No
guest ok = No
inherit permissions = Yes
The smb.conf is quite similar to the one the one I use with samba3
I switched a couple of times between my old samba3.6 installation and my
new 4.2.3 but the symptom is still there. samba3 users can write, samba
4 users cant.
What kind of stupidity I miss here?
Thanks for your help,
More information about the samba