Rob Campbell
2022-Mar-07 17:00 UTC
[Samba] Unable to write to a share that I should have access to
Selinux is definitely turned off and I have no idea what apparmor is but it is not installed. I've tried adding the samba group gid to the directory that is being shared but that also did not help. Still only read only access. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In all things, Be Intentional. On Mon, Mar 7, 2022 at 11:27 AM Rowland Penny via samba < samba at lists.samba.org> wrote:> On Mon, 2022-03-07 at 09:04 -0500, Rob Campbell via samba wrote: > > Correct. Creating local users on each device is not an option. > > > > But even my internal drives aren't writable as a share. > > Is Selinux or Apparmor in use ? > > Rowland > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
Rob Campbell
2022-Mar-07 19:21 UTC
[Samba] Unable to write to a share that I should have access to
Following https://wiki.samba.org/index.php/Setting_up_a_Share_Using_POSIX_ACLs#Setting_Standard_UNIX_ACLs # chmod 2770 /srv/samba/Demo/ # chown root:"Domain Users" /srv/samba/Demo/ When I try this, I get an error message $ chown testuser:"Media Users" TV_Shows/ chown: invalid user: ?testuser:Media Users? samba-tool user show testuser dn: CN=Test User,CN=Users,DC=home,DC=test-server,DC=lan ... memberOf: CN=Backup,CN=Users,DC=home,DC=test-server,DC=lan memberOf: CN=Photo Users,CN=Users,DC=home,DC=test-server,DC=lan memberOf: CN=Multimedia Users,CN=Users,DC=home,DC=test-server,DC=lan memberOf: CN=Media Users,CN=Users,DC=home,DC=test-server,DC=lan memberOf: CN=Video Users,CN=Users,DC=home,DC=test-server,DC=lan memberOf: CN=Music Users,CN=Users,DC=home,DC=test-server,DC=lan memberOf: CN=Movie Users,CN=Users,DC=home,DC=test-server,DC=lan ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In all things, Be Intentional. On Mon, Mar 7, 2022 at 12:00 PM Rob Campbell <robcampbell08105 at gmail.com> wrote:> Selinux is definitely turned off and I have no idea what apparmor is but > it is not installed. > > I've tried adding the samba group gid to the directory that is being > shared but that also did not help. Still only read only access. > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > In all things, Be Intentional. > > > On Mon, Mar 7, 2022 at 11:27 AM Rowland Penny via samba < > samba at lists.samba.org> wrote: > >> On Mon, 2022-03-07 at 09:04 -0500, Rob Campbell via samba wrote: >> > Correct. Creating local users on each device is not an option. >> > >> > But even my internal drives aren't writable as a share. >> >> Is Selinux or Apparmor in use ? >> >> Rowland >> >> >> >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba >> >
Rowland Penny
2022-Mar-07 19:33 UTC
[Samba] Unable to write to a share that I should have access to
On Mon, 2022-03-07 at 12:00 -0500, Rob Campbell via samba wrote:> Selinux is definitely turned off and I have no idea what apparmor is > but it > is not installed.Apparmor is basically the Debian version of Selinux, both of which can stop users writing to a location. Rowland
Patrick Goetz
2022-Mar-08 02:35 UTC
[Samba] Unable to write to a share that I should have access to
Hi -
Can you post the result of
ls -ld DIR
and
getfacl DIR
for the directory DIR in question? It would also be helpful to have
this output for one of the files inside DIR which is read-only.
On 3/7/22 11:00, Rob Campbell via samba wrote:> Selinux is definitely turned off and I have no idea what apparmor is but it
> is not installed.
>
> I've tried adding the samba group gid to the directory that is being
shared
> but that also did not help. Still only read only access.
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> In all things, Be Intentional.
>
>
> On Mon, Mar 7, 2022 at 11:27 AM Rowland Penny via samba <
> samba at lists.samba.org> wrote:
>
>> On Mon, 2022-03-07 at 09:04 -0500, Rob Campbell via samba wrote:
>>> Correct. Creating local users on each device is not an option.
>>>
>>> But even my internal drives aren't writable as a share.
>>
>> Is Selinux or Apparmor in use ?
>>
>> Rowland
>>
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:
https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.samba.org%2Fmailman%2Foptions%2Fsamba&data=04%7C01%7C%7C74daf149e8ba48ca5df508da005c3c4c%7C31d7e2a5bdd8414e9e97bea998ebdfe1%7C0%7C0%7C637822693491944220%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=gWVp652t6EUicuYyzHreyxXJilxw42U7lOigc7d2tz8%3D&reserved=0
>>
L.P.H. van Belle
2022-Mar-08 10:52 UTC
[Samba] Unable to write to a share that I should have access to
Hai, It's seldom i had problem due AppArmor these days, the defaults are fine in general. And its installed.. By default, it comes with the kernels.. Just leave it as is.. It should add the path's of share's automaticly to apparmor.> > When I try this, I get an error message > > $ chown testuser:"Media Users" TV_Shows/ > > chown: invalid user: ?testuser:Media Users?getent passwd testuser id testuser wbinfo -i testuser Do these show the needed info, uid gid homedir.. This : chown testuser:"Media Users" TV_Shows Only works if you a UIG:GID set .. I suspect one is missing. Chown, does work fine as user, as long as the user has rights, to write in that location where chown is used. In smb.conf Remove these lines..> >valid users = @HOME\Photos_Users @HOME\Multimedia_UsersAnd setup like this. read list = @"HOME\Photos_Users",@"HOME\Multimedia_Users" write list = @ANY_GROUP_for_Write_ACCESS Make sure also that you have in nsswitch.conf .. (* i suggest, keep winbind as last) passwd: files systemd winbind group: files systemd winbind And check that libnss-winbind libpam-winbind are installed. Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Rowland Penny via samba > Verzonden: maandag 7 maart 2022 20:33 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] Unable to write to a share that I > should have access to > > On Mon, 2022-03-07 at 12:00 -0500, Rob Campbell via samba wrote: > > Selinux is definitely turned off and I have no idea what apparmor is > > but it > > is not installed. > > Apparmor is basically the Debian version of Selinux, both of which can > stop users writing to a location. > > Rowland > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > >