[Samba] SAMBA shares are READ ONLY to normal users

Kanito 73 kanito73 at hotmail.com
Thu Jan 14 01:03:01 UTC 2021 

Hello

I have installed SAMBA and used the default smb conf to setup a simple share but only root has full RW access, normal users can only read (write access is forbidden) even if the share is "read only = no" and the mount command has the "-o RW" option.

If I execute mount to see the mounted filesystems it shows the mounted samba shares as RW but a normal user can't write, delete or create. I only can see files, directories, copy from the shared directory, but it is impossible to write.

//servername/download on /net/servername/download type cifs (rw,relatime,vers=3.1.1,cache=strict,username=myusername,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.1.20,file_mode=0755,dir_mode=0755,soft,nounix,serverino,mapposix,rsize=4194304,wsize=4194304,bsiz
e=1048576,echo_interval=60,actimeo=1)

//servername/shared on /net/servername/shared type cifs (rw,relatime,vers=3.1.1,cache=strict,username=myusername,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.1.20,file_mode=0755,dir_mode=0755,soft,nounix,serverino,mapposix,rsize=4194304,wsize=4194304,bsize=10
48576,echo_interval=60,actimeo=1)

*** Notice that uid and gid are 0 but username is myusername ***

I have a system user on the server: myusername (/home/myusername)

I added it to the samba passwords: smbpasswd -a myusername

I mount it: mount -t cifs -o rw //servername/shared /net/servername/shared
(Then asks for 'myusername' password, not root password. Users are the same in both server and client sides.)

I can see the shared directory contents at /net/servername/shared but can't write nothing as myusername (only as root) in the client side

What can I do? Some tutorials say to use smbpasswd to add a system user as a samba user (and I used to do that in the past)... Other tutorials say to use a /.credentials or /root/.credentials file and the option credentials in the mount command or the fstab entry. Do I have to use both smbpasswd and .credentials together? It is very confusing, every tutorial shows something different.

The physical shared directories are subdirectories from a NTFS partition mounted on /mnt/ (all data files reside in a large NTFS partition that can be accessed from Linux or Windows).



THIS IS MY SMB.CONF

[global]


## Browsing/Identification ###

# Change this to the workgroup/NT-domain name your Samba server will part of
   workgroup = WORKGROUP

#### Networking ####
;   interfaces = 127.0.0.0/8 eth0

#### Debugging/Accounting ####
   log file = /var/log/samba/log.%m
   max log size = 1000
   logging = file
   panic action = /usr/share/samba/panic-action %d


####### Authentication #######

   server role = standalone server
   obey pam restrictions = yes
   unix password sync = yes
   passwd program = /usr/bin/passwd %u
   passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
   pam password change = yes
   map to guest = bad user


########## Domains ###########


############ Misc ############

   usershare allow guests = yes


#======================= Share Definitions =======================

[homes]
   comment = Home Directories
   browseable = no
   read only = yes
   create mask = 0700
   directory mask = 0700
   valid users = %S

[install]
  comment = Install
  path = /mnt/data/INSTALL
  browseable = yes
  read only = yes
  guest ok = no

[shared]
  comment = Shared
  path = /mnt/data/DATA/Shared
  browseable = yes
  read only = no
  guest ok = no

[download]
  comment = Downloads
  path = /mnt/data/DOWNLOAD
  browseable = yes
  read only = yes
  guest ok = no


Notice that I mount the share as 'myusername' NOT AS ROOT. Only 'Shared' directory has read and write access, the rest are "read only = yes".


Thanks for your help!

More information about the samba mailing list