[Samba] Samba4 not able to write to group writeable folder???

Bob of Donelson Trophy bob at donelsontrophy.net
Wed Aug 5 15:02:51 UTC 2015


 

I had a similar issue in that I wanted a common directory for all users
(we are very small) to be able to read/write and everyone can see and/or
change as needed. 

I discovered (and this is as much help as I can give on this subject)
that for the group to have access was an ACL permissions issue. New (to
me anyway) and almost completely separate to standard Linux file
permissions. 

Essentially you have a directory that needs to have the ACL's adjusted
to allow access. (I do not think this was ever part of the "Samba3
world".) 

Check out "setfacl" and "getfacl" and you will be able to set ACL
permissions so W7 clients can access. 

This "ACL" world is wonderful, once you get your head around it. 

Good luck. 

---

_______________________________ 

Bob Wooden of Donelson Trophy

615.885.2846
www.donelsontrophy.com [1]

"Everyone deserves an award!!"

On 2015-08-05 07:52, Roland Schwingel wrote: 

> Hi...
> 
> With samba4 I sometimes feel like a bloody beginner even I use samba since ages.
> 
> Miracle of the day: Users connecting using samba4 cannot write to group writeable folders even they should be able to.
> 
> I upgraded one 3.6 fileserver to 4.2.3. PDC is always a samba 4.2.3 instance. I am using samba4 in classic PDC mode for a couple of reasons.
> 
> On my fileserver I have a folder called /TestData. It looks like this:
> drwxr-xr-x 39 testdata testdata 4096 Aug 5 10:55 .
> drwxr-xr-x 34 root root 4096 Aug 4 21:23 ..
> drwxrwsr-x 12 testdata testdata 4096 Aug 5 14:20 0-9
> drwsrwsr-x 211 testdata testdata 12288 Aug 5 12:21 A
> drwxrwsr-x 185 testdata testdata 12288 Jul 8 15:39 B
> drwxrwsr-x 166 testdata testdata 4096 Jun 26 13:18 C
> .
> .
> .
> drwxrwsr-x 35 testdata testdata 4096 Jun 12 08:15 X
> drwxrwsr-x 12 testdata testdata 4096 Jun 20 2014 Y
> drwxrwsr-x 49 testdata testdata 4096 Aug 5 10:57 Z
> 
> /TestData shall only be writeable by members of group testdata.
> And only the subfolders shall be writeable not the root folder.
> 
> When a user belonging to the group testdata writes to one of these subfolders (eg. A) under linux everything is fine. Other users are blocked. So permissions are setup correctly.
> 
> With Samba3 this is the case also for windows users belonging to testdata group. Not with samba4. Users belonging to testdata are *NOT* allowed to write to *any* subfolder. Reading is ok. All users that should write to TestData are member of the unix group testdata but not as primary group.
> 
> My samba4 smb.conf
> [global]
> unix charset = UTF-8
> workgroup = MYDOM
> server string = Fileserver HOG
> interfaces = eth0
> bind interfaces only = Yes
> security = DOMAIN
> load printers = no
> map to guest = Never
> # log level = 1
> log file = /usr/local/samba/var/log.%m
> max log size = 500
> name resolve order = host bcast
> unix extensions = No
> hide dot files = No
> csc policy = disable
> strict locking = No
> wide links = Yes
> # Workaround to make all .exe executable
> acl allow execute always = True
> 
> [TestData]
> comment = TestData
> path = /TestData
> read only = No
> guest ok = No
> inherit permissions = Yes
> 
> The smb.conf is quite similar to the one the one I use with samba3
> 
> I switched a couple of times between my old samba3.6 installation and my new 4.2.3 but the symptom is still there. samba3 users can write, samba 4 users cant.
> 
> What kind of stupidity I miss here?
> 
> Thanks for your help,
> 
> Roland
 

Links:
------
[1] http://www.donelsontrophy.com


More information about the samba mailing list