samba - Jul 2004 - force create mode issue

Dear List,

I'd like to report my observations on a Samba new file permissions problem
for which I found
dozens of support requests on the net without any useful replies.

Hopefully, my observations help identify the root cause of this issue which
also seems to occur
with new Samba versions 3.0.x.

In our domain we operate a file server under Samba 2.2.8a as PDC. Overall we
are delighted with Samba.
Many thanks and compliments to the Samba team.

There is only one slightly annoying issue with new file permissions.


1. PDC ?maestro? hosts 2 Samba shares named ?parent? and ?child? which are
set up as:
   
[parent]
path=/home/data/parent
writeable=Yes

[child]
path=/home/data/parent/child
browseable=No
writeable=Yes
oplocks=no
level2 oplocks=no
create mode = 0770
force create mode = 0660
directory mode = 0770
force directory mode = 0770


2. The Linux permissions on both directories ?parent? and ?child? are:

drwxrwx---  root  users       i.e. members of the users group have rwx
permissions.


3. On our Windows NT and XP client machines we have mapped the ?parent?
share to network drive X:


4. If user ?otto? who is a member of the users group accesses the ?child?
share via ?X:\child? and creates a new file or directory,
   the new file/directory permissions are set to:
   
   -rwxr--r--  otto  users          or          drwxr-xr-x  otto  users
   
   This agrees with the Samba default ?create mode 755? but is not not what
we expect considering the 
   ?create mode? and ?force create mode? settings of the ?child? share.


5. Now, if user ?otto? accesses the ?child? share via ?\\maestro\child? and
creates a new file or directory the
   permissions are set to:

   -rwxrwx---  otto  users          or          drwxrwx---  otto  users

   This is what we want.

>From above it appears that with regard to new file permissions Samba
distinguishes between the two different access paths
to the ?child? share, i.e.

?X:\child?   or    ?\\maestro\child?


Any feedback and advice are most welcome.


Best regards,
Alex

On Thu, Jul 29, 2004 at 10:31:00AM +0200, Zounek, Alex, Patentanwaltskanzlei
Zounek wrote:
> Dear List,
> 
> I'd like to report my observations on a Samba new file permissions
problem
> for which I found
> dozens of support requests on the net without any useful replies.
> 
> Hopefully, my observations help identify the root cause of this issue which
> also seems to occur
> with new Samba versions 3.0.x.
> 
> In our domain we operate a file server under Samba 2.2.8a as PDC. Overall
we
> are delighted with Samba.
> Many thanks and compliments to the Samba team.
> 
> There is only one slightly annoying issue with new file permissions.
> 
> 
> 1. PDC ?maestro? hosts 2 Samba shares named ?parent? and ?child? which are
> set up as:
>    
> [parent]
> path=/home/data/parent
> writeable=Yes
> 
> [child]
> path=/home/data/parent/child
> browseable=No
> writeable=Yes
> oplocks=no
> level2 oplocks=no
> create mode = 0770
> force create mode = 0660
> directory mode = 0770
> force directory mode = 0770
> 
> 
> 2. The Linux permissions on both directories ?parent? and ?child? are:
> 
> drwxrwx---  root  users       i.e. members of the users group have rwx
> permissions.
> 
> 
> 3. On our Windows NT and XP client machines we have mapped the ?parent?
> share to network drive X:
> 
> 
> 4. If user ?otto? who is a member of the users group accesses the ?child?
> share via ?X:\child? and creates a new file or directory,
>    the new file/directory permissions are set to:
>    
>    -rwxr--r--  otto  users          or          drwxr-xr-x  otto  users
>    
>    This agrees with the Samba default ?create mode 755? but is not not what
> we expect considering the 
>    ?create mode? and ?force create mode? settings of the ?child? share.
But it is what we expect via access using the parent share.
When access is via one share, settings on other shares are
ignored - no matter if they map to the same directory.

To behave otherwise would be chaos I'm afraid.

Jeremy.