Tim Starr
2004-Apr-18 05:51 UTC
[Samba] Incorrect permissions on mount despite correct options
From: starrte@clarkson.edu Subject: Incorrect permission of mount despite correct options Date: April 9, 2004 2:00:49 AM EDT To: samba@lists.samba.org Mime-Version: 1.0 (Apple Message framework v613) Content-Transfer-Encoding: 7bit Message-Id: <40381AAA-89EB-11D8-87D8-000A27944740@clarkson.edu> Content-Type: text/plain; charset=US-ASCII; format=flowed Hello, this is a problem I have worked on for a very long time. Here begins the story begins when the 2.6.0-testing series of Linux kernels were being released. I had a mount samba mount served by my mac running Mac OS X 10.3 (smbd currently at version 3.0.2) and the client was a x86 based Debian machine running unstable and a custom 2.4.x kernel (currently running 2.6.5 kernel and samba 3.0.2a Debian). While I was using the 2.4.x series kernels the mount worked as expected. No problems here. However back when the 2.6.0-testing (first encountered the problem in 2.6.0-testing4's initial release) series kernel were being released I could not get my mount to continue to work correctly. The problem was that it was/is being mounted under the following permissions: tstarr@host:~/mount$ ls -l total 0 drwxr-xr-x 1 501 dialout 0 Apr 7 20:39 Audio drwxrwxr-x 1 501 dialout 0 Apr 9 01:29 Desktop drwx------ 1 501 dialout 0 Apr 2 15:33 Documents drwxrwxrw- 1 501 dialout 0 Feb 19 10:38 Graphics drwxr-xr-x 1 501 dialout 0 Apr 8 12:30 Internet drwx------ 1 501 dialout 0 Apr 1 15:06 Library drwxr-xr-x 1 501 dialout 0 Sep 8 2003 Music drwxr-xr-x 1 501 dialout 0 Jan 29 19:02 Other Stuff drwxrwxrw- 1 501 dialout 0 Sep 25 2003 Pictures drwxr-xr-x 1 501 dialout 0 Mar 22 19:55 Productivity drwxr-xr-x 1 501 dialout 0 Apr 3 21:34 Utilities drwxr-xr-x 1 501 dialout 0 Apr 2 15:35 Video Now I have no user 501 on my system and no dialout group either. Odd. So I revert back to my 2.4 kernel. 2.6.0-testing9 comes out- same results so I continue to use the 2.4 series (all along this mount works under Windows 2k fine and continues to). Finally around kernel version 2.6.3 I take a big stab at the problem. I try mounting it with other systems and they all work. I have been trying to find a live linux distribution based on 2.6 to check if my install is just messed up but I haven't been able to. I have mounted it fine using a knoppix 3.3 live cd running a 2.4 kernel. This share also works fine while using the smbclient tool. I have had numerous conversations with people on IRC only for them to come up stumped. Here is a list of things I've tried: - Mounting with no uid or gid provided doesn't change things - Mounting with numeric uid and gid - Multiple mount points - Different shares on the Mac OS X server - Recompiled kernels and Debian supplied kernels I have not been able to try a few things that I want to, another list: - Using another 2.6 based linux machine - Different version of smbmount on current linux kernel and setup - Different smbd version of OS X machine Unfortunately I cannot do those so I am lost as to what is going on. If it was simply Debian unstable not "liking" the default OS X samba setup I would have imagined there would be more people having this problem. I had found ONE message detailing this problem exactly only the uid it was being mounted under was 504. The post had no follow up and I cannot find the link right now (sorry I did a google search but can't remember the phrase I used, I believe it's actually on the samba list). I am sure I have forgotten important configuration details on both sides, don't hesitate to ask!!! Also I haven't been able to recall EVERY single troubleshooting step I've taken but please feel free to suggest things. Past e-mailing this list I'm lost. Thanks for all of your time, I eagerly await your response. Thank you very much! Also this mount had no problems on a Sun SPARCstation 5 running 2.4 series Linux kernels running debian stable. Other Linux distributions (RedHat I've had access to and Gentoo mount it fine as well but I cannot find another 2.6 based system for the life of me!) Thanks again! -Tim
Michael Carmack
2004-Apr-18 07:21 UTC
[Samba] Incorrect permissions on mount despite correct options
Tim Starr wrote:> The problem was > that it was/is being mounted under the following permissions: > > tstarr@host:~/mount$ ls -l > total 0 > drwxr-xr-x 1 501 dialout 0 Apr 7 20:39 Audio > drwxrwxr-x 1 501 dialout 0 Apr 9 01:29 Desktop > > Now I have no user 501 on my system and no dialout group either. Odd.With Linux kernel 2.6.x and 2.4.25+, CIFS Unix extensions are in effect, allowing you to view and manipulate Unix-y things like symlinks and suid/sgid files using Samba. This also has the effect that the Unix UIDs and GIDs from the server get passed to the client. If you look on the server, you'll see that "501" is the numeric ID for the user that actually owns the file. And though you may not be aware of it, you *should* have a group called "dialout" on the Linux machine. (Look at /etc/group to confirm.) You'll notice that the numeric ID for the "dialout" group on your Linux machine maps to the numeric ID for the file's group on the server. [In case you were wondering what the point of this is, these changes make Samba play nicer with Unix machines. It makes it possible to replace something like NFS with Samba.] In the 2.4 series (as of 2.4.25), the Unix extensions are an optional configuration of the Linux kernel (i.e. you enable or disable this when building the kernel). I haven't looked at 2.6 yet, but I suspect it's also optional there. I don't know whether you can turn this behavior off or on after the kernel is built (using a mount option or a /proc setting or something), as I just started using it myself. FWIW, I've encountered a couple pitfalls myself. I think maybe there are still some issues to work out, so if Samba was previously doing everything you needed it to and you don't need the Unixy features, you might want to use a kernel that has these entensions disabled. (Just a slight caution: I haven't spent a lot of time using Samba, so I may be a little off with some of the things I just said. If so, hopefully the experts will set the record straight.) m.