samba - Aug 2004 - Samba not honouring write/admin lists on shares

I'm running debian testing, so samba 3.05 atm.  As of a few upgrades ago,
which i think coincided with a library restructure or somewhat samba is no
longer honouring read/write/admin lists on share definitions.  Using the
below share as an example, previously all users could access the share with
read access, and those in the ntadmins group had write access.  Since the
upgrade users can only obtain read access.  This occurs regardless or
whether a write or admin list is used.  It is as if the write list is being
ignored.  If the sense is inverted and the share is made writable then
access cannot be restricted using read lists.

I admit to being at a loss.

[audiofiles]
    path = /home/ftp/audiofiles
    guest ok = yes
    writeable = no
    write list = @ntadmins
    force user = ftp
    force group = nogroup

Cheers
Lincoln Smith

Hallo Lincoln,

net groupmap modify ntgroup="Domain Admins" unixgroup=ntadmins
(net groupmap list;net groupmap modify  ntgroup="Domain Admins"
unixgroup=users)
might solve the problem. You are upgrading from 2.2x right?

Greetings 

Achim
> I'm running debian testing, so samba 3.05 atm.  As of a few upgrades
> ago, which i think coincided with a library restructure or somewhat
> samba is no longer honouring read/write/admin lists on share
> definitions.  Using the below share as an example, previously all
> users could access the share with read access, and those in the
> ntadmins group had write access.  Since the upgrade users can only
> obtain read access.  This occurs regardless or whether a write or
> admin list is used.  It is as if the write list is being ignored.  If
> the sense is inverted and the share is made writable then access
> cannot be restricted using read lists.
> 
> I admit to being at a loss.
> 
> [audiofiles]
>     path = /home/ftp/audiofiles
>     guest ok = yes
>     writeable = no
>     write list = @ntadmins
>     force user = ftp
>     force group = nogroup
> 
> Cheers
> Lincoln Smith
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba

-- 
I n g e n i e u r b ? r o   H A U
H a n s - A c h i m     U n g e r
eMail    :     Achim.Unger@web.de
Homepage : www.Ing-Buero-Unger.de

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Lincoln Smith wrote:
| I'm running debian testing, so samba 3.05 atm.  As of a few upgrades ago,
| which i think coincided with a library restructure or somewhat samba is no
| longer honouring read/write/admin lists on share definitions.  Using the
| below share as an example, previously all users could access the share
with
| read access, and those in the ntadmins group had write access.  Since the
| upgrade users can only obtain read access.  This occurs regardless or
| whether a write or admin list is used.  It is as if the write list is
being
| ignored.  If the sense is inverted and the share is made writable then
| access cannot be restricted using read lists.

This is a known issue with 3.0.4/5.  Sorry.  Has been addressed
in 3.0.6rc2.  Patch available from

~  http://samba.org/~jerry/patches/post-3.0.4




cheers, jerry
- ---------------------------------------------------------------------
Alleviating the pain of Windows(tm)      ------- http://www.samba.org
GnuPG Key                ----- http://www.plainjoe.org/gpg_public.asc
"If we're adding to the noise, turn off this song"--Switchfoot
(2003)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFBIKYWIR7qMdg1EfYRAtl8AKDVMiXZGzSwqGnLJzuP/Lnu/Qy62wCg3RH6
n2yR5jmU6L3HiM1zKqoUzNk=BaBz
-----END PGP SIGNATURE-----