[Samba] No group write permission
Paul Muaddib
paul.muaddib83 at gmail.com
Mon Mar 29 13:50:06 UTC 2021
I could not find any ACCESS_DENIED or EINVAL inside the log file with level
5
What I recoginzied is that the following errors are output dozens of times
unix_mode: unix_mode(Share) returning 0770
../../source3/smbd/dosmode.c:423(get_ea_dos_attribute)
get_ea_dos_attribute: Cannot get attribute from EA on file Share: Error =
Attribute not found
Did not find user fileserver
user2 opened file Share/test.docx read=No write=No
pdb_default_uid_to_sid: Did not find user fileserver (1005)
pdb_getsampwnam (TDB): error fetching database.
Key: USER_fileserver
Am So., 28. März 2021 um 01:49 Uhr schrieb Andrew Walker <
walker.aj325 at gmail.com>:
>
>
> On Sat, Mar 27, 2021 at 9:00 AM Paul Muaddib via samba <
> samba at lists.samba.org> wrote:
>
>> Sure
>>
>> [global]
>> log file = /var/log/samba4/log.%m
>>
>> server string = NAS Server
>> workgroup = WORKGROUP
>>
>> bind interfaces only = yes
>> interfaces = lo0 lagg0
>>
>> security = user
>> encrypt passwords = true
>>
>> time server = yes
>> load printers = no
>>
>> template homedir = /fileserver/users/%U
>> allow insecure wide links = yes
>>
>> [data]
>> comment = Daten
>> path = /fileserver/data
>> valid users = @fileserver, @sales, @purchase
>> write liste = @fileserver, @sales, @purchase
>>
>> browsable = yes
>> writable = yes
>> read only = no
>> guest ok = no
>> public = no
>> follow symlinks = yes
>> wide links = yes
>> create mask = 0770
>> force create mode = 0770
>> directory mask = 2775
>> force directory mode = 2770
>> hide unreadable = yes
>> crossrename:sizelimit = 50
>>
>> [users]
>> comment = Benutzer
>> path = /fileserver/users
>> valid users = @fileserver
>>
>> browsable = yes
>> writable = yes
>> read only = no
>> guest ok = no
>> public = no
>>
>> create mask = 0750
>> force create mode = 0750
>> directory mask = 0750
>> force directory mode = 0750
>>
>> hide unreadable = yes
>>
>> Am Sa., 27. März 2021 um 13:52 Uhr schrieb Rowland penny via samba <
>> samba at lists.samba.org>:
>>
>> > On 27/03/2021 12:31, Paul Muaddib via samba wrote:
>> > > Hi
>> > >
>> > > I have one shared folder [data] that is shared by multiple users.
>> Inside
>> > > this share are multiple folders with different group permissions. But
>> the
>> > > group permissions are bing ignored. For example when User2 wants to
>> open
>> > > „test.docx“ in the folder data/share then there is no write
>> permission in
>> > > windows although there is group write permission.
>> > >
>> >
>> > Can we see your entire smb.conf
>> >
>> > Rowland
>> >
>> >
>> >
>> > --
>> > To unsubscribe from this list go to the following URL and read the
>> > instructions: https://lists.samba.org/mailman/options/samba
>> >
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>
>
> When zfsacl is not set on the share, the default VFS operations to get /
> set NT ACLs will fall through the POSIX ACL code path. Since ZFS on FreeBSD
> does not support POSIX1E ACLs, this may fail with EINVAL. Not sure if
> that's what you are seeing here. Maybe boost log level and check for what
> exactly is failing with ACCESS_DENIED. I usually start with 5 and if that
> doesn't make the issue painfully obvious, bump up to 10.
>
More information about the samba
mailing list