[Samba] Samba Permission Combination Conflict And Priority

刘浪 liulangliulang1988 at 126.com
Thu Apr 6 06:37:54 UTC 2017


I am a samba new user.  When a share for user has one permission, it is OK. When a share for user has permission combination,  there is something different in my thought.

In Linux user system,  a user can belong to multiple groups. For example:
The user (uf)  belongs to multiple groups (g_full and g_read)

[root at node-107-174 /]# id 1017

uid=1017(uf) gid=1017(g_full) groups=1017(g_full),1018(g_read)
my samba config file content:
workgroup = SAMBA
security = user
passdb backend = tdbsam

path = /dsf
read list = @g_read
valid users = @g_full @g_read
admin users = @g_full

according to https://www.samba.org/samba/docs/using_samba/ch09.html
1. the user uf in groups g_read and g_full,means it has read only and root permission, I think the user uf will has root permission,
but actually, the user uf only has read only permission, can not write.
In a word, when the user in read list and admin users, the user only has read only permission. [I think the user will has root permission, but something different]

In my thought,permission conflict priority:
invalid users > admin users > write list > read lists

But this situation is not ok.

2. Another situation, When the user in read list, write list, and admin users, the user has root permission. [This situation is ok]

Auxiliary information:
[root at node-107-174 /]# uname -a
Linux node-107-174 3.10.0-327.el7.x86_64 #1 SMP Thu Nov 19 22:10:57 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux

[root at node-107-174 /]# rpm -qa | grep samba



Look forward to your reply,Thank you very much.

                                                                                                                Lang Liu

More information about the samba mailing list