Wayne Edgar
2013-Apr-22 17:33 UTC
[Samba] Applying head to wall to figure out permissions issues.
I have a permissions issue on a Samba DC running 3.5.6. UserA does not have permissions to write to file opened by UserB. Specifically, a file created by UserA gets 764 permissions and UserB can't write to the file until permissions are changed either on the server to +w for other or UserA changes the permissions on the file from Windows for Everyone to have write permissions. I have tried nt acl support = no. I have gone line by line through the conf and can't see why this is not working. What information can I provide to for someone to better understand the issue? Attached my smb.conf. -- Wayne Edgar http://j.mp/wayneedgar -------------- next part -------------- [global] netbios name = Sampson netbios aliases = gatr workgroup = GATRHSV server string = GATR File Server wins support = yes ; wins server = w.x.y.z dns proxy = no name resolve order = lmhosts host wins bcast time server = yes interfaces = eth0 hosts deny = 10.56.61.0/255.255.255.0 bind interfaces only = yes log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 panic action = /usr/share/samba/panic-action %d security = user encrypt passwords = true passdb backend = tdbsam obey pam restrictions = yes unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . pam password change = yes domain logons = yes logon path logon drive = H: logon home = \\%N\%U preexec = /etc/samba/bin/netlogon %U logon script = %U.bat add user script = /usr/sbin/adduser --quiet --disabled-password --gecos "" %u add machine script = /usr/sbin/useradd -g machines -c "%u machine account" -d /home/samba/machines/ -s /bin/false %u add group script = /usr/sbin/addgroup --force-badname %g ; printing = bsd ; printcap name = /etc/printcap ; printing = cups ; printcap name = cups ; include = /home/samba/etc/smb.conf.%m socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 ; message command = /bin/sh -c '/usr/bin/linpopup "%f" "%m" %s; rm %s' & domain master = yes preferred master = yes local master = yes os level = 255 ; idmap uid = 10000-20000 ; idmap gid = 10000-20000 ; template shell = /bin/bash ; winbind enum groups = yes ; winbind enum users = yes ; usershare max shares = 100 [homes] comment = Home Directories browseable = no read only = no create mask = 0775 directory mask = 0775 valid users = %S profile acls = yes nt acl support = no [netlogon] comment = Network Logon Service path = /home/samba/netlogon browsable = no guest ok = yes read only = yes share modes = no [sysadmin] comment = Systems Administration Files writeable = yes valid users = @sysadmin path = /home/samba/sysadmin browseable = no guest ok = no create mask = 0775 directory mask = 0775 [finance] comment = Accounting Directory writeable = yes valid users = @finance, at quickbooks path = /home/samba/finance guest ok = no create mask = 0775 directory mask = 0775 oplocks = no [busdev] comment = Business Development Directory writeable = yes valid users = @busdev path = /home/samba/busdev guest ok = no create mask = 0775 directory mask = 0775 hide unreadable = true [hr] comment = Human Resources Directory writeable = yes valid users = @hr path = /home/samba/hr guest ok = no create mask = 0775 directory mask = 0775 hide unreadable = true [shared] comment = Shared Directory writeable = yes valid users = @gatr path = /home/samba/shared create mask = 0775 directory mask = 0775 nt acl support = no [oldserver] comment = Old Server Data writeable = yes valid users = @gatr, rick path = /home/samba/oldserver create mask = 0775 directory mask = 0775 follow symlinks = yes wide links = yes force group = gatr force create mode = 775 force directory mode = 775 [design] comment = Design Drive writeable = yes #valid users = @design read list = @gatr write list = @design path = /home/samba/design create mask = 0775 directory mask = 0775 [vault] comment = Solidworks Vault writeable = yes valid users = @design path = /home/samba/swvault create mask = 0775 directory mask = 0775 [production] comment = Production Management writeable = yes valid users = @production path = /home/samba/production create mask = 0775 directory mask = 0775 [scans] comment = Printer Scans writeable = yes valid users = @gatr path = /home/scans create mask = 0775 directory mask = 0775 [purchasing] comment = Purchasing writeable = yes valid users = @purchasing path = /home/samba/purchasing create mask = 0775 directory mask = 0775 [qms] comment = Quality Management System writeable = yes read list = @gatr write list = @qms path = /home/samba/qms create mask = 0775 directory mask = 0775 [engineering] comment = Engineering Directory writeable = yes valid users = @engineering path = /home/samba/engineering guest ok = no create mask = 0775 directory mask = 0775 hide unreadable = true [contracts] comment = Contracts writeable = yes valid users = @contracts path = /home/samba/contracts guest ok = no create mask = 0775 directory mask = 0775 hide unreadable = true [exports] comment = Exports writeable = yes valid users = @exports path = /home/samba/exports guest ok = no create mask = 0775 directory mask = 0775 hide unreadable = true # comment = All Printers # browseable = no # path = /var/spool/samba # printable = yes # guest ok = no # read only = yes # create mask = 0700 ; write list = root, @lpadmin ;[cdrom] ; comment = Samba server's CD-ROM ; read only = yes ; locking = no ; path = /cdrom ; guest ok = yes ; preexec = /bin/mount /cdrom ; postexec = /bin/umount /cdrom
Paul Venzke
2013-Apr-23 01:59 UTC
[Samba] Applying head to wall to figure out permissions issues.
>-----Original Message----- >From: samba-bounces at lists.samba.org [mailto:samba- >bounces at lists.samba.org] On Behalf Of Wayne Edgar >Sent: Monday, April 22, 2013 12:33 PM >To: samba at lists.samba.org >Subject: [Samba] Applying head to wall to figure out permissions issues. > >I have a permissions issue on a Samba DC running 3.5.6. UserA does not >have permissions to write to file opened by UserB. Specifically, a file >created by UserA gets 764 permissions and UserB can't write to the file >until permissions are changed either on the server to +w for other or >UserA changes the permissions on the file from Windows for Everyone to >have write permissions. > >I have tried nt acl support = no. I have gone line by line through the >conf and can't see why this is not working. > >What information can I provide to for someone to better understand the >issue?>Attached my smb.conf. > >-- >Wayne Edgar >http://j.mp/wayneedgarHave you considered the "force create mode" and/or "force directory mode" parameters in your share? PV "If it ain't broken you're not trying"
Daniel Müller
2013-Apr-23 05:58 UTC
[Samba] Applying head to wall to figure out permissions issues.
HI, MS Office files or all files? Office files can have this issue. ----------------------------------------------- EDV Daniel M?ller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 T?bingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: mueller at tropenklinik.de Internet: www.tropenklinik.de ----------------------------------------------- -----Urspr?ngliche Nachricht----- Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im Auftrag von Wayne Edgar Gesendet: Montag, 22. April 2013 19:33 An: samba at lists.samba.org Betreff: [Samba] Applying head to wall to figure out permissions issues. I have a permissions issue on a Samba DC running 3.5.6. UserA does not have permissions to write to file opened by UserB. Specifically, a file created by UserA gets 764 permissions and UserB can't write to the file until permissions are changed either on the server to +w for other or UserA changes the permissions on the file from Windows for Everyone to have write permissions. I have tried nt acl support = no. I have gone line by line through the conf and can't see why this is not working. What information can I provide to for someone to better understand the issue? Attached my smb.conf. -- Wayne Edgar http://j.mp/wayneedgar