[Samba] Samba 4.6.2 does not inherit setgid bit (anymore)
Lorenzo Delana
lorenzo.delana at gmail.com
Tue Jan 30 18:29:49 UTC 2018
Hi Vincent,
have you found a solution that makes "force directory mode = 2770" able
to apply to new created folders ?
I have a similar problem:
if I set by hand (eg. chmod 2770) the folder A and then I try to create
an X element into that folder through samba I get the result needed (
group of X become overriden from parent folder A ) but the problem is
that the new element X not honor forced mode discarding into 0770
A rwxrw*s*---
A\X rwxrw*x*---
In many thread this problem appears and frequently the answer is that
the group bit can't inherited through linux, but this is not the point
because that's true and known, the problem seems that samba simply
discard or not manage to apply these sticky bits at all ( at least
regarding latest v4.7.4 ), I grabbed from the log following excerpt:
[2018/01/30 19:05:17.994374, 5, pid=3294, effective(2002158,
2000513), real(2002158, 0)] ../source3/smbd/dosmode.c:206(unix_mode)
unix_mode: unix_mode(sharetest/A/X/New folder (10)) returning 02770
...
[2018/01/30 19:05:18.064582, 5, pid=3294, effective(2002158,
2000513), real(2002158, 0)] ../source3/smbd/dosmode.c:206(unix_mode)
unix_mode: unix_mode(datatest/A/X/New folder (10)) returning 0770
Another efficient workaround could be to attach a simple script at some
samba callback ( eg. file_created() ), but I don't know if exists such
feature.
I definitively too need to understand where the problem is because in my
scenario I have a C folder readable only by domain users and writable
only by some users but when such users create something there new files
looks like the following
C\new_file poweruser AD\*domain users* rwx*rwx*---
the problem is that now "all domain users" can go to write where default
acl deny that because of the ownership,group together with 77 permission
that I need to manage everything through ACLs.
--
Lorenzo Delana |
|
More information about the samba
mailing list