Neil.Macoustra@MandG.co.uk
2006-May-31 13:25 UTC
[Samba] Cannot delete files from samba share
Hi all, Following an upgrade from samba 2.2.8a to 3.0.22 we have been unable to delete files on a samba share using an XP client. We were previously able to delete these files when using 2.2.8a. The problem occurs when we have a particular sub-set of permissions. Directory permissions on UNIX are set to 775 and ownerhips to usera : group1. This should mean that either usera or anyone who belongs to group1 should be able to delete any file within the directory irrespective of what the file permissions and ownerships are. From UNIX this is the case. Using an XP client on samba 2.2.8a this is the case. On samba 3.0.22 this is not the case. We have an application which writes files into the top level directory of the samba directory with permissions 544.The ownerships of the file are userb (i.e. different from the directory owner). group1 (i.e. the same as the directory). If a third user, userc who is a member of group1 (there is a force group directive on the share as well) comes along and attempts to delete the file through the samba share, the delete fails. Experimentation has shown the delete works if the file is writable by the user (e.g 744 cf 544) or the file is owned by the user trying to delete it. We have upgraded only a few of our servers to 3.0.22 and we have been able to reproduce the problem. I have attached a script which run as root on UNIX sets up a test share and appropriated file/dir permissions. Other details about are installation are given below UNIX OS: Solaris 8, Solaris 9 PDC: Windows 2003 If anyone has any suggestions as to how this issue can be resolved, I would be grateful to hear from them cheers Neil #!/bin/ksh # TEST_DIR = UNIX directory being shared out ( The 'samba dir') TEST_DIR=/smb_debug # TEST_FILE = file used to demonstrate the problem export TEST_FILE=${TEST_DIR}/test # SMB_CONF = path to smb.conf SMB_CONF=/path/to/your/smb.conf # SHARENAME = the name for the samba share SHARENAME=neil # GROUP = the group ownership on the 'samba dir'. Membership of this group # should permit files to be deleted from this directory. GROUP=group1 # USER1 = the username attempting to delete files from the samba share. They # must belong to ${GROUP} USER1=usera # USER2 = The user ownership on the 'samba dir' USER2=userb # USER3 = The user ownership on ${TEST_FILE} USER3=userc # On UNIX, make the directory shared out by samba if it does not exist [[ ! -d ${TEST_DIR} ]] && mkdir ${TEST_DIR} # Create the samba share if required egrep \\[${SHARENAME}\\] ${SMB_CONF} >&- 2>&- || { cat <<_EOT1__ >> ${SMB_CONF} [${SHARENAME}] path = ${TEST_DIR} comment = "Test share for permissions issue" valid users = @${GROUP} read only = no create mask = 755 force group = ${GROUP} _EOT1__ } # Make the 'samba directory' owned by an account other than that which deletes # the file. Make the group ownership ${GROUP}. Make the permissions such that # members of ${GROUP} can delete (and create) files within ${TEST_DIR}. chown ${USER2}:${GROUP} ${TEST_DIR} chmod 775 ${TEST_DIR} # Create the file we want to delete touch ${TEST_FILE} # Set file ownerships & perms so it is not writable chmod 544 ${TEST_FILE} chown ${USER3}:${GROUP} ${TEST_FILE} # Show the permissions echo "Initial permissions are as follows\n" ls -ld ${TEST_DIR} ${TEST_FILE} # As $USER1 show that we can delete the file from UNIX echo "\n Deleting ${TEST_FILE}" su - ${USER1} -c "rm -f ${TEST_FILE}" >&- 2>&- if [[ ! -f ${TEST_FILE} ]];then echo "Test file deleted\n" else echo "Failed to delete test file\n" fi # Re-create the file again touch ${TEST_FILE} chmod 544 ${TEST_FILE} chown ${USER3}:${GROUP} ${TEST_FILE} # Show the permissions echo "Permissions following file re-creation are as follows\n" ls -ld ${TEST_DIR} ${TEST_FILE} echo "\nNow attempt to delete the file using a windows client" The information contained in this message may be CONFIDENTIAL and is intended for the addressee only. Any unauthorised use, dissemination of the information, or copying of this message is prohibited. If you are not the addressee, please notify the sender immediately by return e-mail and delete this message. Although this e-mail and any attachments are believed to be free of any virus, or other defect which might affect any computer or system into which they are received and opened, it is the responsibility of the recipient to ensure that they are virus free and no responsibility is accepted by M&G for any loss or damage from receipt or use thereof. Please note that all e-mail messages are subject to interception for lawful business purposes.
sounds like you're hitting "map readonly" please play with it and see man smb.conf greez Neil.Macoustra@MandG.co.uk wrote:> Hi all, > > Following an upgrade from samba 2.2.8a to 3.0.22 we have been unable to > delete files on a samba share using an XP client. We were previously able > to delete these files when using 2.2.8a. > > The problem occurs when we have a particular sub-set of permissions. > Directory permissions on UNIX are set to 775 and ownerhips to usera : > group1. This should mean that either usera or anyone who belongs to > group1 should be able to delete any file within the directory > irrespective of what the file permissions and ownerships are. From UNIX > this is the case. Using an XP client on samba 2.2.8a this is the case. On > samba 3.0.22 this is not the case. > > We have an application which writes files into the top level directory of > the samba directory with permissions 544.The ownerships of the file are > userb (i.e. different from the directory owner). group1 (i.e. the same as > the directory). If a third user, userc who is a member of group1 (there > is a force group directive on the share as well) comes along and attempts > to delete the file through the samba share, the delete fails. > Experimentation has shown the delete works if the file is writable by the > user (e.g 744 cf 544) or the file is owned by the user trying to delete > it. > > We have upgraded only a few of our servers to 3.0.22 and we have been > able to reproduce the problem. I have attached a script which run as > root on UNIX sets up a test share and appropriated file/dir permissions. > Other details about are installation are given below > > UNIX OS: Solaris 8, Solaris 9 > PDC: Windows 2003 > > If anyone has any suggestions as to how this issue can be resolved, I > would be grateful to hear from them > > cheers > > Neil > > #!/bin/ksh > > # TEST_DIR = UNIX directory being shared out ( The 'samba dir') > TEST_DIR=/smb_debug > # TEST_FILE = file used to demonstrate the problem > export TEST_FILE=${TEST_DIR}/test > # SMB_CONF = path to smb.conf > SMB_CONF=/path/to/your/smb.conf > # SHARENAME = the name for the samba share > SHARENAME=neil > # GROUP = the group ownership on the 'samba dir'. Membership of this > group > # should permit files to be deleted from this directory. > GROUP=group1 > # USER1 = the username attempting to delete files from the samba share. > They > # must belong to ${GROUP} > USER1=usera > # USER2 = The user ownership on the 'samba dir' > USER2=userb > # USER3 = The user ownership on ${TEST_FILE} > USER3=userc > > # On UNIX, make the directory shared out by samba if it does not exist > [[ ! -d ${TEST_DIR} ]] && mkdir ${TEST_DIR} > > # Create the samba share if required > egrep \\[${SHARENAME}\\] ${SMB_CONF} >&- 2>&- || { > cat <<_EOT1__ >> ${SMB_CONF} > [${SHARENAME}] > path = ${TEST_DIR} > comment = "Test share for permissions issue" > valid users = @${GROUP} > read only = no > create mask = 755 > force group = ${GROUP} > _EOT1__ > } > > # Make the 'samba directory' owned by an account other than that which > deletes > # the file. Make the group ownership ${GROUP}. Make the permissions such > that > # members of ${GROUP} can delete (and create) files within ${TEST_DIR}. > chown ${USER2}:${GROUP} ${TEST_DIR} > chmod 775 ${TEST_DIR} > > # Create the file we want to delete > touch ${TEST_FILE} > > # Set file ownerships & perms so it is not writable > chmod 544 ${TEST_FILE} > chown ${USER3}:${GROUP} ${TEST_FILE} > > # Show the permissions > echo "Initial permissions are as follows\n" > ls -ld ${TEST_DIR} ${TEST_FILE} > > # As $USER1 show that we can delete the file from UNIX > echo "\n Deleting ${TEST_FILE}" > su - ${USER1} -c "rm -f ${TEST_FILE}" >&- 2>&- > if [[ ! -f ${TEST_FILE} ]];then > echo "Test file deleted\n" > else > echo "Failed to delete test file\n" > fi > > # Re-create the file again > touch ${TEST_FILE} > chmod 544 ${TEST_FILE} > chown ${USER3}:${GROUP} ${TEST_FILE} > > # Show the permissions > echo "Permissions following file re-creation are as follows\n" > ls -ld ${TEST_DIR} ${TEST_FILE} > > echo "\nNow attempt to delete the file using a windows client" > > > > The information contained in this message may be CONFIDENTIAL and is intended for the addressee only. Any unauthorised use, dissemination of the information, or copying of this message is prohibited. If you are not the addressee, please notify the sender immediately by return e-mail and delete this message. Although this e-mail and any attachments are believed to be free of any virus, or other defect which might affect any computer or system into which they are received and opened, it is the responsibility of the recipient to ensure that they are virus free and no responsibility is accepted by M&G for any loss or damage from receipt or use thereof. > Please note that all e-mail messages are subject to interception for lawful business purposes. >
Hi Neil,> Following an upgrade from samba 2.2.8a to 3.0.22 we have been unable > to delete files on a samba share using an XP client. We were > previously able to delete these files when using 2.2.8a.This sounds remarkably similar to the problem I was having, where I could create files, modify them, but not delete them: http://lists.samba.org/archive/samba/2006-May/120521.html If you work out a way to fix this, do let me know! Cheers, Adam.
On Wed, May 31, 2006 at 02:06:53PM +0100, Neil.Macoustra@MandG.co.uk wrote:> > Following an upgrade from samba 2.2.8a to 3.0.22 we have been unable to > delete files on a samba share using an XP client. We were previously able > to delete these files when using 2.2.8a. > > The problem occurs when we have a particular sub-set of permissions. > Directory permissions on UNIX are set to 775 and ownerhips to usera : > group1. This should mean that either usera or anyone who belongs to > group1 should be able to delete any file within the directory > irrespective of what the file permissions and ownerships are. From UNIX > this is the case. Using an XP client on samba 2.2.8a this is the case. On > samba 3.0.22 this is not the case. > > We have an application which writes files into the top level directory of > the samba directory with permissions 544.The ownerships of the file are > userb (i.e. different from the directory owner). group1 (i.e. the same as > the directory). If a third user, userc who is a member of group1 (there > is a force group directive on the share as well) comes along and attempts > to delete the file through the samba share, the delete fails. > Experimentation has shown the delete works if the file is writable by the > user (e.g 744 cf 544) or the file is owned by the user trying to delete > it. > > We have upgraded only a few of our servers to 3.0.22 and we have been > able to reproduce the problem. I have attached a script which run as > root on UNIX sets up a test share and appropriated file/dir permissions. > Other details about are installation are given below > > UNIX OS: Solaris 8, Solaris 9 > PDC: Windows 2003 > > If anyone has any suggestions as to how this issue can be resolved, I > would be grateful to hear from themCan you send me a debug level 10 log from the smbd when you attempt to delete the file along with the name of the file you're trying to delete. Thanks, Jeremy.
Possibly Parallel Threads
- [kvm-unit-tests PATCH] x86: hyperv_synic: Hyper-V SynIC test
- [kvm-unit-tests PATCH] x86: hyperv_synic: Hyper-V SynIC test
- [PATCH v3] xfstests: btrfs/316: cross-subvolume sparse copy
- [PATCH v2] xfstests: btrfs/316: cross-subvolume sparse copy
- Group mapping problem - please help