[Samba] permissions of new files and directories
jan-philipp.snizek at business.uzh.ch
jan-philipp.snizek at business.uzh.ch
Thu Sep 22 09:53:36 UTC 2016
Hello
I'm running Samba 4.3.9 on Ubuntu 14 as domain member. Both Windows DCs
are Win 2012 R2 in 2008 R2 mode.
This is the smb.conf:
[global]
workgroup = MYDOM
server string = Fileserver
netbios name = myhostname
winbind separator = +
security = ADS
admin users = %D+administrator, %D+backupmaster
realm = MYDOM.WHEREVER
kerberos method = secrets and keytab
winbind enum users = yes
winbind enum groups = yes
winbind nss info = template
winbind use default domain = no
winbind refresh tickets = true
winbind nested groups = yes
idmap config *:backend = rid
idmap config *:range = 100000-100000000
idmap config *:base_rid = 0
template shell = /usr/bin/nologin
template homedir = /home/%D/users/%U
obey pam restrictions = yes
allow trusted domains = no
client use spnego = yes
client signing = auto
preferred master = no
load printers = no
unix charset = UTF8
log file = /var/log/samba/log.%m
log level = 3
max log size = 50000
server max protocol = SMB3
map untrusted to domain = yes
log writeable files on exit = yes
This is one of the many team share configs. They are all like this.
[Team_XXX]
comment = Team XXX
path = "/home/teams1/team_xxx"
browseable = yes
write list = "@%D+team xxx"
admin users = @%D+domänen-admins
valid users = @%D+domänen-admins, "@%D+team xxx"
public = no
force group = "%D+team xxx"
directory mask = 0770
create mask = 0660
When I as member of %D+team xxx create a new directory in this share, the
permissions of the new directory become 750 instead of 770. New created
files do get 660.
I have tried force directory mode = 0770 to no effect. I've also tried
inherit permissions = yes. New created files then get 660 and directories
get 750 instead of 770.
Thanks for helping out.
Best regards,
Philipp
More information about the samba
mailing list