thr3ads.net - samba - [Samba] Strange Samba permissions [Oct 2006]

If this information is useful, please help other people find it:
Share via:

Sascha

2006-Oct-18 00:35 UTC

[Samba] Strange Samba permissions

Hi,

I am really stuggeling with Samba, searched forums and checked tutorials, so far
with no success. So you are my last resort and probably the first place I should
have checked, but I am completly new to mail groups, so please be patient with
me.

Users can log in to the Samba PDC domain successfully and get the login script
executed just fine.

But: 
1.) If user A is creating a file then user B can not delete that file. 
2.) Also no user can create a folder, only files. Windows XP client shows a
message "Access denied".
3.) If I login as a user and create a file in the /etc/samba/data/all folder
with VI I can not edit this file via SMB, WinXP client.

I certainly have a permission problem, but I don't know where... Did try
different settings, from including inherit options to force create mode, umask,
but nothing. So I am very glad for any advise on this.

I don't have access to the machine right now, but if I remember right it is
running Samba v3.0.23a. It is the latest yum update on Fedora Core5.

Best regards
.. Sascha




I created a folder and set chmod 0777. Thought this must work - only for testing
purpose. Would set it too 0770, or?!
********************************************
[root@server all]# ls -la
total 32
drwxrwxrwx 3 root   all 4096 Oct 16 00:04 .
drwxrwxrwx 5 root   all 4096 Oct 12 20:39 ..
drwxrwxrwx 2 root   all 4096 Oct 15 23:31 test
-rwxrwxrwx 1 hatice all    8 Oct 13 20:51 test.hat
********************************************




and set Samba to share this folder:
********************************************
[all]
comment = "All"
path = /etc/samba/data/all
public = no
browseable = yes
writeable = yes
force group = all
force create mode = 0777
force directory mode = 0770
********************************************




In the smbd.log I get the following message on Samba service START:
********************************************
[2006/10/16 00:13:29, 2] lib/dmallocmsg.c:register_dmalloc_msgs(71)
  Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
[2006/10/16 00:13:29, 0] auth/auth_util.c:create_builtin_administrators(785)
  create_builtin_administrators: Failed to create Administrators
[2006/10/16 00:13:29, 2] auth/auth_util.c:create_local_nt_token(899)
  create_local_nt_token: Failed to create BUILTIN\Administrators group!
[2006/10/16 00:13:29, 0] auth/auth_util.c:create_builtin_users(751)
  create_builtin_users: Failed to create Users
[2006/10/16 00:13:29, 2] auth/auth_util.c:create_local_nt_token(926)
  create_local_nt_token: Failed to create BUILTIN\Users group!
[2006/10/16 00:13:29, 0] auth/auth_util.c:create_builtin_administrators(785)
  create_builtin_administrators: Failed to create Administrators
[2006/10/16 00:13:29, 2] auth/auth_util.c:create_local_nt_token(899)
  create_local_nt_token: Failed to create BUILTIN\Administrators group!
[2006/10/16 00:13:29, 0] auth/auth_util.c:create_builtin_users(751)
  create_builtin_users: Failed to create Users
[2006/10/16 00:13:29, 2] auth/auth_util.c:create_local_nt_token(926)
  create_local_nt_token: Failed to create BUILTIN\Users group!
[2006/10/16 00:13:29, 2] smbd/server.c:open_sockets_smbd(384)
********************************************




And these error messages when I try to CREATE a folder via SMB Client via Win
XP:
********************************************
[2006/10/16 00:09:27, 1] smbd/service.c:make_connection_snum(941)
  others (10.11.12.65) connect to service all initially as user sascha (uid=501,
gid=600) (pid 7528)
[2006/10/16 00:09:27, 2] smbd/reply.c:reply_tcon_and_X(711)
  Serving all as a Dfs root
[2006/10/16 00:09:29, 2] smbd/open.c:open_directory(1936)
  open_directory: unable to create New Folder. Error was Permission denied
[2006/10/16 00:09:29, 2] smbd/open.c:open_directory(1936)
  open_directory: unable to create New Folder. Error was Permission denied
[2006/10/16 00:09:29, 2] smbd/open.c:open_directory(1936)
  open_directory: unable to create New Folder (2). Error was Permission denied
[2006/10/16 00:09:29, 2] smbd/open.c:open_directory(1936)
  open_directory: unable to create New Folder (2). Error was Permission denied
[2006/10/16 00:09:32, 2] smbd/open.c:open_file(352)
********************************************

Felipe Augusto van de Wiel

2006-Oct-25 14:05 UTC

head link

[Samba] Strange Samba permissions

On 10/16/2006 08:50 AM, Sascha escreveu:> Hi,
> I am really stuggeling with Samba, searched forums and checked  > tutorials, so far with no success. So you are my last resort
 > and probably the first place I should have checked, but I am
 > completly new to mail groups, so please be patient with me.

	Welcome aboard.

> Users can log in to the Samba PDC domain successfully and get 
 > the login script executed just fine.> 
> But: 
> 1.) If user A is creating a file then user B can not delete  > that file.

	'force create mode' should help you on this. 'force user'
	could also help (and perhaps 'force group').

> 2.) Also no user can create a folder, only files. Windows XP  > client shows a message "Access denied".

	That's weird.

> 3.) If I login as a user and create a file in the  > /etc/samba/data/all folder with VI I can not edit this file
 > via SMB, WinXP client.

	Ok, tell me that you are not using /etc/ to store your
	users files and directories. :)


> I certainly have a permission problem, but I don't know where...  > Did try different settings, from including inherit options to
 > force create mode, umask, but nothing. So I am very glad for
 > any advise on this.

	I hope the below could help you.

> I don't have access to the machine right now, but if I remember  > right it is running Samba v3.0.23a. It is the latest yum update
 > on Fedora Core5.> Best regards
> .. Sascha
> I created a folder and set chmod 0777. Thought this must work - only for
testing purpose. Would set it too 0770, or?!
> ********************************************
> [root@server all]# ls -la
> total 32
> drwxrwxrwx 3 root   all 4096 Oct 16 00:04 .
> drwxrwxrwx 5 root   all 4096 Oct 12 20:39 ..
> drwxrwxrwx 2 root   all 4096 Oct 15 23:31 test
> -rwxrwxrwx 1 hatice all    8 Oct 13 20:51 test.hat
> ********************************************
	This is *very* permissive. :)

> and set Samba to share this folder:
> ********************************************
> [all]
> comment = "All"
> path = /etc/samba/data/all
> public = no
> browseable = yes
> writeable = yes
> force group = all
> force create mode = 0777
> force directory mode = 0770
> ********************************************
	You should store your data files outside /etc.

> In the smbd.log I get the following message on Samba service START:
> ********************************************
> [2006/10/16 00:13:29, 2] lib/dmallocmsg.c:register_dmalloc_msgs(71)
>   Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
> [2006/10/16 00:13:29, 0]
auth/auth_util.c:create_builtin_administrators(785)
>   create_builtin_administrators: Failed to create Administrators
> [2006/10/16 00:13:29, 2] auth/auth_util.c:create_local_nt_token(899)
>   create_local_nt_token: Failed to create BUILTIN\Administrators group!
> [2006/10/16 00:13:29, 0] auth/auth_util.c:create_builtin_users(751)
>   create_builtin_users: Failed to create Users
> [2006/10/16 00:13:29, 2] auth/auth_util.c:create_local_nt_token(926)
>   create_local_nt_token: Failed to create BUILTIN\Users group!
> [2006/10/16 00:13:29, 0]
auth/auth_util.c:create_builtin_administrators(785)
>   create_builtin_administrators: Failed to create Administrators
> [2006/10/16 00:13:29, 2] auth/auth_util.c:create_local_nt_token(899)
>   create_local_nt_token: Failed to create BUILTIN\Administrators group!
> [2006/10/16 00:13:29, 0] auth/auth_util.c:create_builtin_users(751)
>   create_builtin_users: Failed to create Users
> [2006/10/16 00:13:29, 2] auth/auth_util.c:create_local_nt_token(926)
>   create_local_nt_token: Failed to create BUILTIN\Users group!
> [2006/10/16 00:13:29, 2] smbd/server.c:open_sockets_smbd(384)
> ********************************************
	Did you map the groups? Using 'net groupmap' command? And
did you read the release notes of 3.0.23? There are significant
change on how the groups are handled.

> And these error messages when I try to CREATE a folder via SMB Client via
Win XP:
> ********************************************
> [2006/10/16 00:09:27, 1] smbd/service.c:make_connection_snum(941)
>   others (10.11.12.65) connect to service all initially as user sascha
(uid=501, gid=600) (pid 7528)
> [2006/10/16 00:09:27, 2] smbd/reply.c:reply_tcon_and_X(711)
>   Serving all as a Dfs root
> [2006/10/16 00:09:29, 2] smbd/open.c:open_directory(1936)
>   open_directory: unable to create New Folder. Error was Permission denied
> [2006/10/16 00:09:29, 2] smbd/open.c:open_directory(1936)
>   open_directory: unable to create New Folder. Error was Permission denied
> [2006/10/16 00:09:29, 2] smbd/open.c:open_directory(1936)
>   open_directory: unable to create New Folder (2). Error was Permission
denied
> [2006/10/16 00:09:29, 2] smbd/open.c:open_directory(1936)
>   open_directory: unable to create New Folder (2). Error was Permission
denied
> [2006/10/16 00:09:32, 2] smbd/open.c:open_file(352)
> ********************************************
	You should check the net groupmap.

	Kind regards,

-- 
Felipe Augusto van de Wiel <felipe@paranacidade.org.br>
Coordenadoria de Tecnologia da Informa??o (CTI) - SEDU/PARANACIDADE
http://www.paranacidade.org.br/           Phone: (+55 41 3350 3300)

Reasonably Related Threads

Search for more apparently analagous threads

samba - Oct 2006 - Strange Samba permissions

[Samba] Strange Samba permissions

[Samba] Strange Samba permissions

Reasonably Related Threads