[Samba] Share access permission errors after upgrade from 4.12.14
Rowland Penny
rpenny at samba.org
Fri Jan 19 10:41:02 UTC 2024
On Fri, 19 Jan 2024 10:12:12 +0000
Rowland Penny via samba <samba at lists.samba.org> wrote:
> On Tue, 16 Jan 2024 23:28:24 +0000
> unraidster via samba <samba at lists.samba.org> wrote:
>
> > On Tuesday, 16 January 2024 at 09:46, Rowland Penny via samba
> > <samba at lists.samba.org> wrote:
> >
> > > As far as I can see, unraid is based on slackware, so it should
> > > work. Is it possible to check the ownership & permissions set on
> > > /mnt/user/PrivateShare ?
> > >
> > > Is either apparmor or selinux running ?
> > >
> > > Rowland
> >
> > Thanks for the reply, I have included some responses below:
> >
> > The permissions set to /mnt/user/PrivateShare is:
> >
> > drwxrwx---+ 1 ur_admin ur-lab_access 4.0K May 24 2023
> > PrivateShare/
> >
> > There is an ACL set on that folder too:
> >
> > getfacl: Removing leading '/' from absolute path names
> > # file: mnt/user/PrivateShare/
> > # owner: ur_admin
> > # group: ur-lab_access
> > user::rwx
> > user:ur-lab_access:rwx
> > user:ur-lab-privateshare-ro:r-x
> > user:ur-lab-privateshare-rw:rwx
> > group::rwx
> > group:ur_admin:rwx
> > group:ur-lab_access:rwx
> > group:ur-lab-privateshare-ro:r-x
> > group:ur-lab-privateshare-rw:rwx
> > mask::rwx
> > other::---
> > default:user::rwx
> > default:user:ur_admin:rwx
> > default:user:ur-lab-privateshare-ro:r-x
> > default:user:ur-lab-privateshare-rw:rwx
> > default:group::---
> > default:group:ur_admin:rwx
> > default:group:ur-lab_access:---
> > default:group:ur-lab-privateshare-ro:r-x
> > default:group:ur-lab-privateshare-rw:rwx
> > default:mask::rwx
> > default:other::---
> >
> >
> > The rwuser is a member of the ur-lab-privateshare-rw group. I
> > noticed that there are two groups (ur-lab-privateshare-ro and
> > ur-lab-privateshare-rw) setup with a user and a group permission in
> > the ACL. I retested after removing both groups' user permission
> > (leaving the intended group ACL entry for each group) and still
> > received the same error. The non-updated-IDMAP configuration I
> > started the thread with did not have a duplicate user ACL for the
> > groups and therefore I suspect it isn’t contributing to this issue.
> >
> > apparmor: I tried the following commands to see if apparmor was
> > enabled: cat /sys/module/apparmor/parameters/enabled
> > sudo apparmor_status
> >
> > Neither returned a result.
> >
> > Selinux: I tried the following commands to see if selinux was
> > enabled: sudo getenforce
> > sudo sestatus
> >
> > Neither returned a result.
> >
> > Therefore, I suspect that apparmor and selinux are not
> > installed/enabled.
> >
> > Best Regards,
> > Unraidster
> >
>
> Sorry to be so long in replying to this, but life got in the way.
>
> You initially had an incorrect smb.conf and you changed it, but by
> doing so you will have changed the user & group IDs, not their names,
> the numbers. You will probably need to change the user & group
> ownership of all directories & files and run 'net cache flush' as
> root.
>
> You also say this is on a computer running unraid, did your initial
> smb.conf come from just clicking things on a 'web page' on your unraid
> box ?
>
> Rowland
>
>
So, I took a wander over to the unraid community forum and found a post
which seems to say that this problem has been going on for nearly a
year, is this correct ?
I was hoping to possibly find a link to the source, but couldn't find
one, so I have no idea just what the default smb.conf is.
Rowland
More information about the samba
mailing list