Hello everybody, I have a server with CentOS 6.5 (kernel version 2.6.32-431.5.1.el6.x86_64) and Samba version 4.2.0pre1-GIT-4daf7d4. I am using this server as a PDC and so far everything is working quite alright. However, I have a problem with permissions of files I want to share. Mostly it is working well. Samba respects group memberships, including supplementary groups, ownership, etc. The only problem is that Samba is not honoring the setgid bit. When I create a file or directory in Windows, it belongs to the user who created it and the group they have as their primaryGroupID attribute, even though the directory has the setgid bit set. When I create the file using a shell command, the right group ownership is set. Does anyone know any solution for this problem? I am sharing a directory which is mounted as NFS on the PDC. The fileserver's OS is SLES. However, I also tried to share some local directory, set the setgid bit and the result was the same. And one more, less important problem. When I create a file in a shared directory from Windows in a directory that has been previously created in Linux, the permissions of the new file respect the mask set in smb.conf. However, when I create a file in a directory that has been created in Windows, the execution bit is set and ACLs are created. Is it possible to configurate the permissions to honor the mask in the config so the exec bit does not get set? I hope it is not too confusing. The share config in smb.conf is very simple. [data] path = /data read only = No create mask = 660 directory mask = 2770 Thank you very much in advance. Tomas Kralik
Tomáš Králík
2014-Aug-27 12:15 UTC
[Samba] [SOLVED] Re: Samba 4, setgid & new file permissions
Hi, so in the end, it seems like I solved it on my own. All I had to do was to add "vfs objects = posix_eadb" option into the config file so now the share definition looks like this. [data] path = /data read only = No create mask = 660 directory mask = 2770 vfs objects = posix_eadb So far so good, hopefully it will run alright in the future as well. I hope this solution will help someone with the same problem. Tomas On 08/11/2014 10:49 AM, Tom?? Kr?l?k wrote:> Hello everybody, > > I have a server with CentOS 6.5 (kernel version > 2.6.32-431.5.1.el6.x86_64) and Samba version 4.2.0pre1-GIT-4daf7d4. I > am using this server as a PDC and so far everything is working quite > alright. > > However, I have a problem with permissions of files I want to share. > Mostly it is working well. Samba respects group memberships, including > supplementary groups, ownership, etc. The only problem is that Samba > is not honoring the setgid bit. When I create a file or directory in > Windows, it belongs to the user who created it and the group they have > as their primaryGroupID attribute, even though the directory has the > setgid bit set. When I create the file using a shell command, the > right group ownership is set. Does anyone know any solution for this > problem? > > I am sharing a directory which is mounted as NFS on the PDC. The > fileserver's OS is SLES. However, I also tried to share some local > directory, set the setgid bit and the result was the same. > > And one more, less important problem. When I create a file in a shared > directory from Windows in a directory that has been previously created > in Linux, the permissions of the new file respect the mask set in > smb.conf. However, when I create a file in a directory that has been > created in Windows, the execution bit is set and ACLs are created. Is > it possible to configurate the permissions to honor the mask in the > config so the exec bit does not get set? I hope it is not too confusing. > > The share config in smb.conf is very simple. > > [data] > path = /data > read only = No > create mask = 660 > directory mask = 2770 > > Thank you very much in advance. > > Tomas Kralik