[Samba] chdir_current_service: vfs_ChDir(/srv/samba/users) failed: Permission denied.
Rowland Penny
rpenny at samba.org
Sat Nov 27 18:22:20 UTC 2021
On Sat, 2021-11-27 at 11:27 -0600, Patrick Goetz via samba wrote:
>
> On 11/27/21 05:35, Rowland Penny via samba wrote:
> > On Sat, 2021-11-27 at 11:09 +0000, spindles seven via samba wrote:
> > > On 27 November 2021 10:10 Ralph Boehme wrote:
> > > > what about the permission on /, /srv and /srv/samba? The
> > > > account
> > > > needs
> > > > at least "x" there.
> > > >
> > > > -slow
> > > >
> > > Thanks Ralph.
> > >
> > > So "x" was missing on /srv/samba:
> > > root at lxd-m1:~# ls -l /srv
> > > total 16
> > > drwxrwx--- 1 root domain admins 34 Feb 26 2021 samba
> > >
> > > So add it:
> > > root at lxd-m1:~# chmod 771 /srv/samba
> > > root at lxd-m1:~# ls -l /srv
> > > total 16
> > > drwxrwx--x 1 root domain admins 34 Feb 26 2021 samba
> > >
> > > The samba WiKi doesn't mention adding the "x" at all in the
> > > directory
> > > hierarchy as far as I can see; if so maybe a note needs adding
> > > to
> > > the relevant page(s)?
> >
> > That is because it is standard Unix, 'x' on a directory means
> > 'enter'
> > or 'traverse' and if you cannot traverse directories, then you
> > cannot
> > reach the share.
> >
>
> Sure, but Samba, which runs are root, is acting as a middle man in
> the
> file service, so it's not transparently clear that user execute
> permission in a parent directory is a prerequisite for access; e.g.
> Samba could be treating this like a bind mount or NFS root. In fact,
> based on the way shares are accessed this would be a logical
> assumption.
> I mount \\server\share, not server:/data/share which is where the
> files
> actually live in the filesystem hierarchy so why should I care what
> the
> permissions on /data are?
>
> This is something worth mentioning in a warning note.
Possibly, but the share permissions should be set at creation and as
this is on Linux, you would expect the Linux sysadmin to be aware of
this. The other problem is just where to put such a note/warning ?
Rowland
More information about the samba
mailing list