[Samba] Samba Permission Combination Conflict And Priority
liulangliulang1988 at 126.com
Thu Apr 6 06:37:54 UTC 2017
I am a samba new user. When a share for user has one permission, it is OK. When a share for user has permission combination, there is something different in my thought.
In Linux user system, a user can belong to multiple groups. For example:
The user (uf) belongs to multiple groups (g_full and g_read)
[root at node-107-174 /]# id 1017
uid=1017(uf) gid=1017(g_full) groups=1017(g_full),1018(g_read)
my samba config file content:
workgroup = SAMBA
security = user
passdb backend = tdbsam
path = /dsf
read list = @g_read
valid users = @g_full @g_read
admin users = @g_full
according to https://www.samba.org/samba/docs/using_samba/ch09.html
1. the user uf in groups g_read and g_full，means it has read only and root permission, I think the user uf will has root permission,
but actually, the user uf only has read only permission, can not write.
In a word, when the user in read list and admin users, the user only has read only permission. [I think the user will has root permission, but something different]
In my thought，permission conflict priority:
invalid users > admin users > write list > read lists
But this situation is not ok.
2. Another situation, When the user in read list, write list, and admin users, the user has root permission. [This situation is ok]
[root at node-107-174 /]# uname -a
Linux node-107-174 3.10.0-327.el7.x86_64 #1 SMP Thu Nov 19 22:10:57 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
[root at node-107-174 /]# rpm -qa | grep samba
Look forward to your reply，Thank you very much.
More information about the samba