[Samba] unix_primary_group not used when writing files
Rowland Penny
rpenny at samba.org
Thu Aug 18 11:53:58 UTC 2022
On Thu, 2022-08-18 at 12:13 +0100, Matthew Richardson via samba wrote:
> > > I could explicitly set 'mandatory' ACLs on the homedir and have
> > > these
> > > propagate, but that feels like a workaround for something that
> > > the
> > > docs
> > > imply shouldn't be needed?
> >
> > Where does it imply that ? tell me and I will change it.
>
> I was just meaning that since the samba docs don't mention things
> like
> facls, setgid bits etc, this implies that the primary_unix_group
> setting
> should 'just work' to set group ownership , and I shouldn't need to
> do
> anything else 'special'. So yes, no doc changes needed!
If you are connecting from Windows, you really should be setting the
permissions from Windows.
>
> > Your problem is possibly being caused by the share being connected
> > by a
> > member of the g_alice group (yes, I know there is only one user)
> > and
> > the group doesn't have write access.
> >
>
> I've changed the permissions to be 775 on /home/alice (with group
> still
> g_alice) but it still creates files group owned 'domain user'.
It looks like inheritance may be causing this.
Can you run these commands:
ls -lad /home
getfacl /home
sudo samba-tool ntacl get /home --as-sddl
Rowland
More information about the samba
mailing list