samba - Oct 2003 - Synchronizing offline files that I am not the owner of fails (Samba 2.2.8/3.0.0)

Hi everyone,

Problem: Windows XP's offline files synchronization fails with an
"Access is denied" message, if you have edited an offline file that
you
have group based access to, but you are not the owner of.  (Not using an
ACL-compatible filesystem.)

In 2.2.x the change appears to be successfully written to the server
anyway; subsequent synchronization attempts suggests that the network
file is more up to date than the local version, and accepting this
clears the error and leaves the newer version on both machines.

On 3.x it appears not to work at all.  When I'm online I can edit the
file; when I'm offline and edit, the changes aren't written back.


How to reproduce: 

1. Create a Samba share (a home directory will suffice) that you can
write to
2. Create a file in that share (using Windows), and mark it available
offline
3. On Linux, set the ownership of the file to be group owned by your
primary group, but a different user (simulating an edit by that user)
4. Stop Samba ("go offline")
5. Wait for Windows to say the share is offline, and edit the file in
Windows.  Save and close the file.
6. Start Samba again
7. Attempt to synchronize.

A level 10 log for synchronizing 'more.txt' can be found at
http://www.hs.net.nz/~crb/log.wks-acer.gz


Lots of newsgroup and mailing list posts seem to imply it was broken in
2.2.3 and fixed by 2.2.5; however I assume that in these cases people
were the owner of the files they were trying to synchronize, and 2.2.8
seems to have my problem.

Any suggestions welcomed!

Thanks,
Craig

--
Craig Box                       Phone   07 957 2653
IT Partners Ltd                 Fax     07 957 2659
PO Box 9361                     
Hamilton, New Zealand

On Fri, Oct 31, 2003 at 12:03:10PM +1300, Craig Box
wrote:
> Hi everyone,
> 
> Problem: Windows XP's offline files synchronization fails with an
> "Access is denied" message, if you have edited an offline file
that you
> have group based access to, but you are not the owner of.  (Not using an
> ACL-compatible filesystem.)
> 
> In 2.2.x the change appears to be successfully written to the server
> anyway; subsequent synchronization attempts suggests that the network
> file is more up to date than the local version, and accepting this
> clears the error and leaves the newer version on both machines.
> 
> On 3.x it appears not to work at all.  When I'm online I can edit the
> file; when I'm offline and edit, the changes aren't written back.
> 
> 
> How to reproduce: 
> 
> 1. Create a Samba share (a home directory will suffice) that you can
> write to
> 2. Create a file in that share (using Windows), and mark it available
> offline
> 3. On Linux, set the ownership of the file to be group owned by your
> primary group, but a different user (simulating an edit by that user)
> 4. Stop Samba ("go offline")
> 5. Wait for Windows to say the share is offline, and edit the file in
> Windows.  Save and close the file.
> 6. Start Samba again
> 7. Attempt to synchronize.
> 
> A level 10 log for synchronizing 'more.txt' can be found at
> http://www.hs.net.nz/~crb/log.wks-acer.gz
Ok, I have made this work with Samba 3.0.1pre3.

What you need to do is to ensure that smbd is compiled with ACL
support, and running on a filesystem with posix acls. Then you
also need to set the parameter "dos filemode = yes" for the
share.

Then the sync with a non-owned file will work. The reason for
this is somewhat complex. Windows does a sync by creating a
new file with a temporary name, then sets an ACL on it that
matches the current one (but seems to add write access for the
current user, not just the owner). This must succeed else
the sync will fail. Then it sets the DOS attributes, again
this must succeed or the sync will fail. Under POSIX we encode
the attributes in the file permissions and these can only be
changed by the owner, unless the "dos filemode" parameter
is set.

Hope this helps, it can be done !

Jeremy.