[Samba] Samba4 and file permissions
Stefano Martini
S.Martini at ifinet.it
Mon Dec 19 09:24:07 UTC 2016
Hello
I configured a Samba 4.3.1 service on a CentOS 6.5 32-bit system and installed it in the /home/samba/samba-4.3.1 directory (I know this is not a good place, but it was the only partition with enough free space).
Samba is running as an Active Directory Domain Controller with rfc2307 enabled and the embedded DNS server.
This is my smb.conf:

# Global parameters
[global]
    workgroup = TESTDOM
    realm = TESTDOM.LOCAL
    netbios name = DC-SERVER
    server role = active directory domain controller
    dns forwarder = X.X.X.X
    idmap_ldb:use rfc2307 = yes

[netlogon]
    path = /home/samba/samba-4.3.1/var/locks/sysvol/lacdevel.lac/scripts
    read only = No

[sysvol]
    path = /home/samba/samba-4.3.1/var/locks/sysvol
    read only = No

[homes]
    comment = %u's Home Directory
    read only = no
    browseable = no
    guest ok = no
    directory mask = 755
    create mask = 0644
    force create mode = 0644

On the Linux host I have the user "userX", with uid 503, belonging to the group "groupX", with gid 507.
I created the corresponding user and group on the Samba server by using the samba-tool command:
# Created the user
samba-tool user add userX --unix-home=/home/userX --uid-number=503 --login-shell=/bin/bash --gid-number=507 --given-name=NameX --surname=SurnameX
# Created the group
samba-tool group add groupX --gid-number=507 --nis-domain=testdom
# Added the user into the group
samba-tool group addmembers groupX userX
Then, by using an LDAP administration tool, I changed the primaryGroupID attribute of the userX user to the RID of the groupX group (1104).
This configuration works fine. On a remote system I can mount the userX's home:
mount -t cifs //x.x.x.x/userX /mnt -o user=TESTDOM\\userX
Password:
Now I have this problem: every file created by the remote host has the same permissions. For example, running
touch /mnt/fileX
on the remote host creates fileX in the userX's home with these permissions:
ls -l /home/userX/fileX
-rwxrwxr-x+ 1 userX groupX 0 Dec 19 10:13 /home/userX/fileX
How can I set the permissions of files according to the umask of the userX Linux user?
Is there a way to define this property in the Samba AD database?
Thanks in advance
Stefano