[Samba] Samba CIFS Mounts with Kerberos Security: Write Access denied
Kraus, Sebastian
sebastian.kraus at tu-berlin.de
Tue Nov 6 08:37:29 UTC 2018
Hi all,
I am testing different setups for Samba home share mounts via the
CIFS protocol on Linux clients with and without Keberos security (both
krb5 and krb5i). I am experiencing some strange behaviour in case of
Kerberos authentication:
In case of mounts (by root or the user itself) without Kerberos security (only
NTLMv2 authentication), local root and the owning user on the Linux client is
granted read and write access for the files within the mounted tree. However,
while using Kerberos security, ever user - even the owner of the files on the
mount - is denied write access to the files on the mount. Reading access is still
granted as expected/supposed.
The logging for the client machine on the Samba server side shows errors of
the following type, while a user owned smbd process tries to access files in a
writing manner:
[2018/11/06 08:39:49.839769, 5, pid=15886, effective(1166435, 8875), real(1166435, 0)] ../source3/smbd/open.c:317(check_parent_access)
check_parent_access: access check on directory . for path yess for mask 0x2 returned (0x2) NT_STATUS_ACCESS_DENIED
[...]
[2018/11/06 08:39:49.840334, 3, pid=15886, effective(1166435, 8875), real(1166435, 0)] ../source3/smbd/error.c:82(error_packet_set)
NT error packet at ../source3/smbd/error.c(165) cmd=50 (SMBtrans2) NT_STATUS_ACCESS_DENIED
Any suggestions about the possible root cause of the problem?
Best
Sebastian
Sebastian Kraus
Team IT am Institut für Chemie
Gebäude C, Straße des 17. Juni 115, Raum C7
Technische Universität Berlin
Fakultät II
Institut für Chemie
Sekretariat C3
Straße des 17. Juni 135
10623 Berlin
Email: sebastian.kraus at tu-berlin.de
More information about the samba
mailing list