samba - Mar 2022 - Unable to write to a share that I should have access to

Correct.  Creating local users on each device is not an option.

But even my internal drives aren't writable as a share.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In all things, Be Intentional.


On Fri, Mar 4, 2022 at 7:56 PM McIntyre, Vincent (S&A, Marsfield) <
Vincent.Mcintyre at csiro.au> wrote:
> On Fri, Mar 04, 2022 at 06:21:56PM -0500, Rob Campbell via samba wrote:
> >Ok.  What about this one, it's ext4 along with all the others.
> >
> >testparm -s:
> >[Photos]
> >comment = Photo Storage
> >create mask = 0777
> >directory mask = 0777
> >force create mode = 0777
> >force directory mode = 0777
> >inherit acls = Yes
> >path = /multimedia/Photos
> >read only = No
> >valid users = @HOME\Photos_Users @HOME\Multimedia_Users
> >
> >/etc/samba/smb.conf:
> >[Photos]
> >comment = Photo Storage
> >path = /multimedia/Photos
> >writeable = yes
> >guest ok = no
> >browseable = yes
> >create mask = 0777
> >force create mode = 777
> >force directory mode = 777
> >inherit acls = Yes
> >read only = no
> >directory mask = 0777
> >valid users = @HOME\Photos_Users, at HOME\Multimedia_Users
> >
> >The user is a member of both Photo_Users and Multimedia_Users.  Just
for
> >now, I just want to be able to write.  In the future, I'd want
Photo_Users
> >to be able to write but Multimedia_Users only be able to read.
> >
>
> I have a similar situation (version 4.13). Suggestion below.
> I have local and domain users in sync and use local groups
> for this, so maybe this won't work for you. In particular
> I've never messed with 'inherit acls', have not needed it.
>
> [Photos]
> comment = Photo Storage
> path = /multimedia/Photos
> read only = No
> guest ok = no
> valid users = @HOME\Photos_Users @HOME\Multimedia_Users
> read list = @HOME\Multimedia_Users
> write list = @HOME\Photos_Users
> create mask = 0664
> directory mask = 0775
> force create mode = 2775
> force directory mode = 2775
> force group @HOME\Photos_Users
> inherit acls = Yes
>
> My crib notes on this (corrections appreciated!)
>
> #   'read only'   'yes|no'. default: 'yes'
> #   'write list'  <user or group>. OVERRIDES 'read
only' setting.
> #   'read list'   <user or group>. OVERRIDES 'write
list' setting for
> named users.
> #                                  OVERRIDES 'read only = no' for
named
> users.
> #   'create mask'          <octal> Bitmask ANDed with process
umask for
> the file.
> #   'directory mask'       <octal> Bitmask ANDed with process
umask for
> the dir.
> #   'force create mode'    <octal> Bitmask ORed with process
umask,
> #                                  after the create mask has been applied.
> #   'force directory mode' <octal> Bitmask ORed with process
umask, after
> the
> #                                  after the directory mask has been
> applied.
> # These are synonyms, avoid them -
> #   'write ok'       inverted synonym for 'read only'
> #   'writeable'      inverted synonym for 'read only'
> #   'create mode'    synonym for 'create mask'
> #   'directory mode' synonym for 'directory mask'
> # Deprecated, avoid -
> #   'user'        synonym for 'username'
> #   'users'       synonym for 'username'
> #   'username'
>

On Mon, 2022-03-07 at 09:04 -0500, Rob Campbell via samba
wrote:
> Correct.  Creating local users on each device is not an option.
> 
> But even my internal drives aren't writable as a share.
Is Selinux or Apparmor in use ?

Rowland