Am 13.02.23 um 12:14 schrieb Rowland Penny via samba:>> # ls -n >> insgesamt 24 >> drwxrwxr-x+ 4 0 10512 4096? 9. Dez 20:43 Test1 >> drwxrwxr-x+ 2 0 10512 4096? 9. Dez 20:41 test2 >> drwxrwxr-x+ 2 0 10512 4096? 9. Dez 20:41 test3 >> >> gid 10512 should be "domain admins" or in this case german >> "dom?nen-admins" with an ugly char for the "umlaut" >> > > > Are you sure that 'Administrator' owns that directory ? > '0' is the Unix ID for root. > > If I create a directory and then change the ownership to Administrator, > I get this: > > rowland at devstation:~$ mkdir testdir > rowland at devstation:~$ sudo chown Administrator testdir > rowland at devstation:~$ ls -ld testdir > drwxrwx---+ 2 administrator domain users 4096 Feb 13 11:00 testdir > > If I then use the '-n' switch to 'ls', I get this: > > rowland at devstation:~$ ls -nd testdir > drwxrwx---+ 2 10500 10513 4096 Feb 13 11:00 testdir > > Which clearly shows that the numeric ID for Administrator is '10500' and > makes 'Administrator' into just another Unix user. > > What could be happening here is that you are seeing Administrator owning > the share on a Windows machine and the user.map is mapping Administrator > to root on the Unix machine, which is to be expected.I am a bit confused right now (maybe always): you told me "Administrator shouldn't own anything on Unix" So I assumed the chown should be "chown -R root:10512 mytestshare" ? All the samba shares on this server are located in "/mnt/MSA2040/smb", this dir belongs to "0 0" now according to "ls -n". I see some mapping in the conf: # grep mapp smb.conf username map = /etc/samba/samba_usermapping # cat samba_usermapping !root = DOMAIN\Administrator DOMAIN\administrator I can't remember if I added this and why ... or if it is something old from their former linux admin.
On 13/02/2023 13:04, Stefan G. Weichinger via samba wrote:> I am a bit confused right now (maybe always): you told me "Administrator > shouldn't own anything on Unix"From the Unix end, you should never find Administrator owning anything. This is because, as my example showed. as a Unix use, Administrator is just a normal, unprivileged user e.g. my example Unix Administrator had the ID 10500.> > So I assumed the chown should be "chown -R root:10512 mytestshare" ?Exactly, the Unix admin user is 'root'.> > All the samba shares on this server are located in "/mnt/MSA2040/smb", > this dir belongs to "0 0" now according to "ls -n". > > I see some mapping in the conf: > > # grep mapp smb.conf > username map = /etc/samba/samba_usermapping > > # cat samba_usermapping > !root = DOMAIN\Administrator DOMAIN\administrator > > I can't remember if I added this and why ... or if it is something old > from their former linux admin.I have no idea if you created it or not, I wasn't there at the time ;-) What the user.map does, it takes the user on the righthand side, 'Administrator' and maps it the user on the lefthand side, 'root' What this means in practise is that whenever Administrator connects to Samba, it becomes root, with the privileges that root has. So never use Administrator on Unix, use root, but from Windows you can safely use Administrator. Rowland