I got very strange behavior: Server A has local passwords (made with smbpasswd -a) and it also use password from other server: security = server password server = b.domain.example passdb backend = tdbsam With OLDER user accounts everything works. With WIN-XP everything works. With CMD-PROMPT everything works. With LOCAL PASSWORDS everything works. With PERMISSIONS TO GROUP everything works. I can map home directory to drive letter (say, O:). When I doubleclick it, it says "access denied", if I use newer user account, use Win7, use passwords from remote server, and home directory has permissions only for user. At same time I can open cmd-prompt and say "dir o:" and it works. If permissions are like this drwx------ 8 majahu majahu 4096 2010-02-18 13:06 /home/majahu I got access denied, but it works if they are drwxrwx--- 8 majahu majahu 4096 2010-02-18 13:06 /home/majahu So what is going on? There is exact combination of 5 things that makes this bug visible. There must be something wrong with newer user accounts. I have confirmed 3 working account and 3 not working; it might be that older accounts have been made with older smbpasswd-file and later converted to .tdb. I have tdbdumped passwords.tdb, but have no idea what to look for. -- Jori M?ntysalo
Le 18.02.2010 12:59, Jori Mantysalo a ?crit :> If permissions are like this > drwx------ 8 majahu majahu 4096 2010-02-18 13:06 /home/majahu > I got access denied, but it works if they are > drwxrwx--- 8 majahu majahu 4096 2010-02-18 13:06 /home/majahu > > So what is going on? There is exact combination of 5 things that makes > this bug visible.Could you show your [homes] (or whatever share) config from your smb.conf ? Maybe only majahu group (not user) has access ? Denis
On Thu, 18 Feb 2010, Denis BUCHER wrote:>> If permissions are like this >> drwx------ 8 majahu majahu 4096 2010-02-18 13:06 /home/majahu >> I got access denied, but it works if they are >> drwxrwx--- 8 majahu majahu 4096 2010-02-18 13:06 /home/majahu >> >> So what is going on? There is exact combination of 5 things that makes >> this bug visible. > > Could you show your [homes] (or whatever share) config from your smb.conf ?[homes] comment = Home Directories browseable = yes writable = yes inherit permissions = yes create mask = 0750 directory mask = 0750> Maybe only majahu group (not user) has access ?No, there are no groups defined in smb.conf. Basic info: 64-bit Linux, Fedora 12, up-to-date, samba from .rpm, version 3.4.5-55.fc12. -- Jori M?ntysalo
Le 18.02.2010 14:16, Jori Mantysalo a ?crit :> On Thu, 18 Feb 2010, Denis BUCHER wrote: >>> If permissions are like this >>> drwx------ 8 majahu majahu 4096 2010-02-18 13:06 /home/majahu >>> I got access denied, but it works if they are >>> drwxrwx--- 8 majahu majahu 4096 2010-02-18 13:06 /home/majahu >>> >>> So what is going on? There is exact combination of 5 things that makes >>> this bug visible. >> >> Could you show your [homes] (or whatever share) config from your >> smb.conf ? > > [homes] > comment = Home Directories > browseable = yes > writable = yes > inherit permissions = yes > create mask = 0750 > directory mask = 0750Did you solve your problem ? If not, maybe could you try with "inherit permissions = no" (just to try)>> Maybe only majahu group (not user) has access ? > No, there are no groups defined in smb.conf. > Basic info: 64-bit Linux, Fedora 12, up-to-date, samba from .rpm, > version 3.4.5-55.fc12.Denis
On Wed, 24 Feb 2010, Denis BUCHER wrote:>> [homes] >> . . . >> inherit permissions = yes > > Did you solve your problem ?No.> If not, maybe could you try with "inherit permissions = no" (just to > try)Tried it, no help. Same machine has also read-only share for some programs like R. I created test directory. If it had permissions to group, it worked. If it had permissions only for user, it did not. To be sure I installed samba to another machine running Fedora Core 12. I installed it without anything special, just "yum install samba" and modify three lines: passdb backend = tdbsam security = server password server = xxx.uta.fi xyz.uta.fi Same strange bug happened again. So there is **something** different in user accounts at xxx.uta.fi, and this "something" makes visible bug only in Win7. But what is it? How to get dump from **everything** that xxx.uta.fi knows about some user account? -- Jori M?ntysalo