[Samba] Problems with my samba share permissions
Rowland Penny
rpenny at samba.org
Tue Apr 25 08:25:44 UTC 2023
On 25/04/2023 03:38, Steven Vishoot via samba wrote:
> I have a situation where my shares all give me permission denied errors
> whenever I try to save a file to it. I have four shares and one of them is
> allowed to save but the others will not save anything. The one that I can
> write to is original to the server and was set up when samba still had swat
> and that let me do a lot of things in the shared files. The other three
> were added later and I didn't try saving anything to these drives because
> originally was the backup server. Now it is the main server since the
> other server crashed. Now I cannot figure out what is wrong even when I use
> webmin it still doesn't show me that anything is wrong. What else can I do?
> I am stumped and annoyed. I have attached my config file for samba. Please
> can someone help me figure this out?
> Regards,
> Steven Vishoot
>
>
I wouldn't use webmin, it hasn't really kept up with Samba.
You haven't told us what OS and Samba version you are using, so the
following is guess work.
This list strips attachments, so this is the OP's smb.conf:
# See smb.conf.example for a more detailed config file or
# read the smb.conf manpage.
# Run 'testparm' to verify the config is correct after
# you modified it.
[global]
host allow = 192.168.1, 127.
load printers = yes
cups options = raw
printing = cups
workgroup = SAMBA
create mask = 0664
printcap name = cups
encrypt passwords = yes
dirctory mask = 0777
Unless that is a copying error, dirctory should be directory
security = user
passdb backend = tdbsam
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @printadmin root
force group = @printadmin
create mask = 0664
directory mask = 0775
[image-movies]
comment = All movies
writeable = yes
user = @svishoot
Hmm, 'user' was a synonym for 'username' and 'username' was removed at
Samba 4.5.0
I would change 'user' to 'valid users'
path = /images-movies
[shared]
comment = Shared Directory
writeable = yes
valid users = @svishoot,,steven
user = @svishoot
path = /shared
directory mode = 775
[music]
comment = Music Directory
path = /music
user = @svishoot
writeable = yes
read only = no
You do know that 'writeable' and 'read only' are inverted synonyms ?
That is, in the way you have them set, they mean exactly the same.
[picture]
comment = Picture Directory
path = /picture
user = @svishoot
writeable = yes
read only = no
[quicken]
comment = Quicken Directory
path = /quicken
user = @svishoot, at steven
writeable = yes
read only = no
The other thing to look at, Samba cannot give more permissions than the
underlying acls allow, so check that the users have the required
permissions on the share directories.
Rowland
More information about the samba
mailing list