[Samba] NFS mountpint redistributed over SMB

Eugene M. Zheganin emz at norma.perm.ru
Wed Apr 18 17:55:25 UTC 2018


I have an NFS mount point served as a samba share. I know it's kind of 
lame, and until recenlty I was sure that this isn't the kind of case 
that would work, because over the years I experimented with this and all 
I was getting were failures.

But I accudentally discovered that it's working, but under one 
condition: the user must be a domain administrator (my samba is a AD 
domain member). While this is perfectly working for domain admins, 
ordinary users are unable to browse the share: they can only CWD. When 
trying to list the share, I get:

Domain=[QWERTY] OS=[Windows 6.1] Server=[Samba 4.5.16]
smb: \> ls

Same smbclient is working great when the userI connect with is a domain 

I know what you think, but no: both users, admin and ordinary one are 
non-localones. both are mapped via winbind.

So, how can I understand why ordinary user's access is blocked and how 
can I unblock it ?

Share config below.

create mask = 664
directory mask = 775
comment = FTP Directory
wide links = yes
allow insecure wide links = yes
path = /var/spool/internet/ftp
force user = nobody
force group = nogroup
write list = "@QWERTY+domain users"
read list = "@QWERTY+domain users"
guest ok = no
browseable = yes
writable = yes
printable = no
vfs objects = zfsacl
nfs4:acedup = merge
nfs4:chown = yes
nfs4:mode = special
zfsacl:acesort = dontcare

This piece below doesn't affect the behavior:

force user = nobody
force group = nogroup
write list = "@QWERTY+domain users"
read list = "@QWERTY+domain users"

I tried to comment in out, but no. Nothing changes.

I also tried to suid to this "ordinary user" and cwd in the shell to the 
problem place - everything is workiung just fine.


More information about the samba mailing list