[Samba] User permissions of profile/home directory lost

Paul R. Ganci ganci at nurdog.com
Thu Mar 1 04:00:24 UTC 2018 

Hi All,

I run a small domain for my home that consists just of two user 
accounts... one for my wife and one for me. I just have a single DC and 
the home and profile shares are located on the DC. For years this setup 
has served just fine giving me access to both linux and windows with a 
unified authentication and file server base.

However, on Monday around 12 noon MST my wife lost permissions to her 
home and profile directories on both our Windows 7 Pro and CentOS 6&7 
systems. If I logged into the DC and did 'getent passwd' her account 
showed up correctly. A 'ls -lat' command showed that the directory/files 
were owned properly by my wife's account. A getfacl showed that the ACLs 
were exactly like my own account which functioned properly. There was 
absolutely no reason for her to be denied permission to her directories 
or the files contained therein. And the permission issue was present 
even on the DC.

After struggling with this problem for the past 48 hours I decided to do 
a 'chown -R' on her profile and home directories, even though I thought 
this was silly since other linux commands indicated everything was setup 
correctly. Much to my surprise the 'chown -R' command fixed the problem.

I am at a loss as to what could have possibly occurred to make the DC 
believe that my wife's account was not the owner of her home and profile 
directory and the files contained in those directories. It seems even 
stranger that on the DC, linux indicated that my wife's account owned 
the files but yet would not grant permission even though the ownership 
and ACLs were correct.

Everything is well now, albeit for how long I don't know. I would be 
extremely grateful for any thoughts on what might have occurred and how 
to avoid this issue in the future. My wife's email was lost for ~48 
hours because a bounce occurred due to the inability of dovecot to write 
to her account's maildir. Needless to say my wife was not happy and an 
unhappy wife ... well I let's just say I would like to avoid that in the 
future.

Thank you for any insights.
-- 
Paul (ganci at nurdog.com)
Cell: (303)257-5208

More information about the samba mailing list