[Samba] Read-only permissions - incorrect user mapping?

Steven Foucault telesteven90 at gmail.com
Thu Dec 26 19:28:15 UTC 2019 

CentOS 8
Samba 4.9.1
Client: macOS 10.14

[global]
    workgroup = LOCAL
    log file = /var/log/samba/log.smb
    max log size = 1000
    syslog = 0
    server role = standalone server
    unix password sync = no
    min protocol = SMB2
    ea support = yes
    vfs objects = catia fruit streams_xattr
    fruit:aapl = yes
    readdir_attr:aapl_rsize = yes
    readdir_attr:aapl_finder_info = yes
    readdir_attr:aapl_max_access = yes
    fruit:nfs_aces = yes
    fruit:copyfile = yes
    fruit:metadata = netatalk
    fruit:resource = file
    fruit:locking = none
    fruit:encoding = private
    unix extensions = yes
    spotlight = yes
    smb2 max read = 8388608
    smb2 max write = 8388608
    smb2 max trans = 8388608
    smb2 leases = yes
    aio read size = 1
    aio write size = 1
    kernel oplocks = no
    use sendfile = yes
    strict sync = yes
    sync always = no
    delete veto files = true
    fruit:veto_appledouble = yes
    fruit:posix_rename = yes
    fruit:zero_file_id = yes
    fruit:wipe_intentionally_left_blank_rfork = yes
    fruit:delete_empty_adfiles = yes
    disable netbios = yes
    dns proxy = no
    smb ports = 445


> On 26.12.2019, at 20:19, Rowland penny via samba <samba at lists.samba.org> wrote:
> 
> On 26/12/2019 18:46, Steven Foucault via samba wrote:
>> I have a problem regarding permissions of a SMB share.
>> I created a share for my user “steven” which has correct unix permissions (I have read/write access to this folder when I log in to the server via “steven”)
>> 
>> drwxr-xr-x   steven root   share
>> 
>> When I export this share with no “force user” entry in smb.conf I can access the share only read only.
>> When I use “force user = steven” it’s the same.
>> When I use “force user = root” I have read write access to this share.
>> 
>> It looks like the samba user “steven” (which exists) is not mapped to the correct unix user. I thought this is the default behaviour.
>> 
>> pdbedit -L
>> steven:1000:steven
>> 
>> id steven
>> uid=1000(steven) gid=1000(steven) groups=1000(steven)
>> 
>> When I add - chmod o+w share - write permissions for “others” I can access share read/write via samba.
>> How can I make samba connect the samba user “steven” to the system user “steven”?
>> 
>> BTW: There’s no SELinux enabled.
>> 
>> Thanks!
>> Steven
>> 
>> 
>>>> [share]
>>     path = /tank
>>     available = yes
>>     browsable = yes
>>     read only = no
>>     writeable = yes
>>     create mask = 0600
>>     directory mask = 0700
>>     public = no
>>     force user = steven
> 
> Sorry, but not enough info ;-)
> 
> What OS ?
> 
> What Samba version ?
> 
> What is in [global] ?
> 
> What are you connecting from ?
> 
> That should be enough to start from.
> 
> Rowland
> 
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list