Drew.Zeller@statcan.ca
2001-Oct-30 10:23 UTC
Problems with SAMBA and setting of Group ID bit
> Hi, > > I have SAMBA 2.2.2 running on a HP-UX 11.00 server, using the JFS 3.3 with > POSIX ACL support for the Unix file systems. > > The problem that I am hitting seems to occur when I create a directory > under a share with the SAMBA inherit permissions option set, and the root > level of the share directory has the group bit id set. If a user creates > a directory under the share and is not a member of the group assigned to > the directories root level (but has access through an ACL), the new > sub-directory is created with the appropriate user and group set, and with > the appropriate permissions, except the group id bit is not set, thus if > another directory or file is created in the previous directory, the wrong > group is assigned. > > For example, the directory /home has the following settings > drwxrwsr-t+ 11 root group1 1024 Oct 29 15:00 home > > and is shared out as a samba share called test with the inherit > permissions value set to yes. If a user (who is not a member of group1, > but has a primary group of group2) creates a directory (say test2) under > the test share, the directory created will have the following setting : > drwxrwxr-t+ 3 zelldre group1 96 Oct 29 16:07 test2 > > As you can see, the "s" representing the group id bit has not been carried > over. Now if the same user as above creates a sub-directory under the > test2 directory (called test3) the following are the directory values set > : > drwxrwxr-t+ 2 zelldre group2 96 Oct 29 16:07 test3 > > This problem does not occur if the user is a member of the group assigned > to the root level of the directory created. > > Does anyone have any ideas? > > Thanks. > > Here is a copy of my smb.conf file : > # > #======================= Global Settings > ====================================> # > > [global] > > workgroup = NAEDNET > server string = Test > debug level = 0 > > ;------------------- > ; Validation > ;------------------- > guest account = nobody > security = domain > password server = iead-pdc iea05 > encrypt passwords = yes > public = no > > ;------------------- > ; Printers > ;------------------- > load printers = no > printable = no > ; printcap name = lpstat > ; printing = bsd > > ;------------------- > ; Log Files > ;------------------- > log file = /usr/local/samba/var/log.%m > max log size = 50 > > ;------------------- > ; Tuning > ;------------------- > ; socket options = TCP_NODELAY > dead time = 15 > read prediction = true > > ;------------------- > ; Master Browser > ;------------------- > local master = no > ; os level = 33 > domain master = no > preferred master = no > ; browseable = no > > ;------------------- > ; Domain Controler > ;------------------- > ; domain controller > domain logons = no > ; logon script = %m.bat > ; logon script = %U.bat > ; logon path = \\%L\Profiles\%U > > > ;------------------- > ; Name Resolution > ;------------------- > wins support = no > wins server = 142.205.52.11 > wins proxy = no > dns proxy = no > > ;------------------- > ; File Locking > ;------------------- > > ;------------------- > ; Name Mangling > ;------------------- > preserve case = no > short preserve case = no > nt acl support = yes > > #============================ Share Definitions > =============================> > ;------------------- > ; Load Shares Definition > ;------------------- > > include = /usr/local/samba/lib/shares.conf > > > #========================================================================> ===> > Also, here is a copy of my shares.conf : > > > ;-------------------------------------------------- > ; Shares Definition > ;-------------------------------------------------- > > [test] > comment = test Directory > path = /home > browsable = yes > writable = yes > inherit permissions = yes > public = no > create mask = 0774 > directory mask = 0774 > >