[Samba] cannot set filesystem permissions on shares
Pisch Tamás
pischta at gmail.com
Tue Jul 2 11:38:05 UTC 2019
> > Hi,
> >
> > I would like to set filesystem permissions on shares (users, at the
> > moment) with Windows 10 (1809).
> > On the Samba side, the filesystem is ext4. I tested the extended
> > attributes usability with setfattr/getfattr, and setfacl/getfacl, and
> > they work.
> > I set the followings in smb.conf:
> > [global]
> > vfs objects = acl_xattr
> > map acl inherit = yes
> > store dos attributes = yes
> > ...
> >
> > [users]
> > path = /home/users
> > read only = no
> >
> > And:
> > chown root:"Domain Admins" /home/users
> > chmod 0770 /home/users
> >
> > I gave SeDiskOperatorPrivilege to the Administrator user (I don't
> > understand, why he doesn't have it default) on dc1, and on the file
> > server too.
> >
> > On Windows, I can connect to the Samba file server, with computer
> > management (it connects immediately, but, when I click on the system
> > tools, it gives me an error message: SRV cannot connect... When I
> > click on the ok, it connects after all). I can see shares in Shared
> > folders/Shares. I can set share permissions, but on the security tab,
> > I see that I need read permission for the object. When I click on
> > Special button, the situation is similar: I don't have permission for
> > the object.
> > What additional settings I need, what should I check?
> >
> Can you start by posting your entire smb.conf
Yes:
[global]
bind interfaces only = Yes
dos charset = CP852
interfaces = lo enp0s3
log file = /var/log/samba/%m.log
log level = 1
name resolve order = wins bcast
realm = A.B.HU
security = ADS
template homedir = /home/users/%U
template shell = /bin/bash
unix charset = UTF8
username map = /etc/samba/user.map
wins server = 192.168.0.4
workgroup = A
idmap config a : range = 10000-999999
idmap config a : backend = rid
idmap config * : range = 3000-7999
idmap config * : backend = tdb
create mask = 0770
csc policy = disable
directory mask = 0770
map acl inherit = Yes
store dos attributes = Yes
vfs objects = acl_xattr
[users]
path = /home/users
read only = No
More information about the samba
mailing list