I have a situation where my shares all give me permission denied errors
whenever I try to save a file to it. I have four shares and one of them is
allowed to save but the others will not save anything. The one that I can
write to is original to the server and was set up when samba still had swat
and that let me do a lot of things in the shared files. The other three
were added later and I didn't try saving anything to these drives because
originally was the backup server. Now it is the main server since the
other server crashed. Now I cannot figure out what is wrong even when I use
webmin it still doesn't show me that anything is wrong. What else can I do?
I am stumped and annoyed. I have attached my config file for samba. Please
can someone help me figure this out?
Regards,
Steven Vishoot
-------------- next part --------------
# See smb.conf.example for a more detailed config file or
# read the smb.conf manpage.
# Run 'testparm' to verify the config is correct after
# you modified it.
[global]
host allow = 192.168.1, 127.
load printers = yes
cups options = raw
printing = cups
workgroup = SAMBA
create mask = 0664
printcap name = cups
encrypt passwords = yes
dirctory mask = 0777
security = user
passdb backend = tdbsam
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @printadmin root
force group = @printadmin
create mask = 0664
directory mask = 0775
[image-movies]
comment = All movies
writeable = yes
user = @svishoot
path = /images-movies
[shared]
comment = Shared Directory
writeable = yes
valid users = @svishoot,,steven
user = @svishoot
path = /shared
directory mode = 775
[music]
comment = Music Directory
path = /music
user = @svishoot
writeable = yes
read only = no
[picture]
comment = Picture Directory
path = /picture
user = @svishoot
writeable = yes
read only = no
[quicken]
comment = Quicken Directory
path = /quicken
user = @svishoot, at steven
writeable = yes
read only = no
On 2023-04-24 22:38, Steven Vishoot via samba wrote:> I have a situation where my shares all give me permission denied errors > whenever I try to save a file to it. I have four shares and one of them is > allowed to save but the others will not save anything. The one that I can > write to is original to the server and was set up when samba still had swat > and that let me do a lot of things in the shared files. The other three > were added later and I didn't try saving anything to these drives because > originally was the backup server. Now it is the main server since the > other server crashed. Now I cannot figure out what is wrong even when I use > webmin it still doesn't show me that anything is wrong. What else can I do? > I am stumped and annoyed. I have attached my config file for samba. Please > can someone help me figure this out? > Regards, > Steven Vishoot >I feel your pain. I have a similar problem where I've been trying to regain access to Samba shares. The advice I've been give has had me rebuild my entire realm and I still don't have things working. I don't know if I can help much but Samba has changed a lot over the last year. This seems to have made the old account mapping obsolete and non-functional. The advice I've been seeing is to use the Active Directory users and groups with Windows ACLs to control access. I don't know if webmin still works - I've never used it. It may not have kept up to date with the new changes to Samba. Anyway, if you can provide some more details about your setup, it would probably help. What are the clients running and how are they authenticating? Which version of Samba are you using. Is the file server a member of a domain? Stuff like that may help people help you. Good luck.
On 25/04/2023 03:38, Steven Vishoot via samba wrote:> I have a situation where my shares all give me permission denied errors > whenever I try to save a file to it. I have four shares and one of them is > allowed to save but the others will not save anything. The one that I can > write to is original to the server and was set up when samba still had swat > and that let me do a lot of things in the shared files. The other three > were added later and I didn't try saving anything to these drives because > originally was the backup server. Now it is the main server since the > other server crashed. Now I cannot figure out what is wrong even when I use > webmin it still doesn't show me that anything is wrong. What else can I do? > I am stumped and annoyed. I have attached my config file for samba. Please > can someone help me figure this out? > Regards, > Steven Vishoot > >I wouldn't use webmin, it hasn't really kept up with Samba. You haven't told us what OS and Samba version you are using, so the following is guess work. This list strips attachments, so this is the OP's smb.conf: # See smb.conf.example for a more detailed config file or # read the smb.conf manpage. # Run 'testparm' to verify the config is correct after # you modified it. [global] host allow = 192.168.1, 127. load printers = yes cups options = raw printing = cups workgroup = SAMBA create mask = 0664 printcap name = cups encrypt passwords = yes dirctory mask = 0777 Unless that is a copying error, dirctory should be directory security = user passdb backend = tdbsam [homes] comment = Home Directories valid users = %S, %D%w%S browseable = No read only = No inherit acls = Yes [printers] comment = All Printers path = /var/tmp printable = Yes create mask = 0600 browseable = No [print$] comment = Printer Drivers path = /var/lib/samba/drivers write list = @printadmin root force group = @printadmin create mask = 0664 directory mask = 0775 [image-movies] comment = All movies writeable = yes user = @svishoot Hmm, 'user' was a synonym for 'username' and 'username' was removed at Samba 4.5.0 I would change 'user' to 'valid users' path = /images-movies [shared] comment = Shared Directory writeable = yes valid users = @svishoot,,steven user = @svishoot path = /shared directory mode = 775 [music] comment = Music Directory path = /music user = @svishoot writeable = yes read only = no You do know that 'writeable' and 'read only' are inverted synonyms ? That is, in the way you have them set, they mean exactly the same. [picture] comment = Picture Directory path = /picture user = @svishoot writeable = yes read only = no [quicken] comment = Quicken Directory path = /quicken user = @svishoot, at steven writeable = yes read only = no The other thing to look at, Samba cannot give more permissions than the underlying acls allow, so check that the users have the required permissions on the share directories. Rowland