samba@lists.samba.org
[Top] [All Lists]

Re: [Samba] Strange Samba permissions

Subject: Re: [Samba] Strange Samba permissions
From: Felipe Augusto van de Wiel
Date: Wed, 25 Oct 2006 10:59:17 -0300
On 10/16/2006 08:50 AM, Sascha escreveu:
Hi,
I am really stuggeling with Samba, searched forums and checked
> tutorials, so far with no success. So you are my last resort
> and probably the first place I should have checked, but I am
> completly new to mail groups, so please be patient with me.

        Welcome aboard.


Users can log in to the Samba PDC domain successfully and get
> the login script executed just fine.

But: 1.) If user A is creating a file then user B can not delete
> that file.

        'force create mode' should help you on this. 'force user'
        could also help (and perhaps 'force group').


2.) Also no user can create a folder, only files. Windows XP
> client shows a message "Access denied".

        That's weird.


3.) If I login as a user and create a file in the
> /etc/samba/data/all folder with VI I can not edit this file
> via SMB, WinXP client.

        Ok, tell me that you are not using /etc/ to store your
        users files and directories. :)



I certainly have a permission problem, but I don't know where...
> Did try different settings, from including inherit options to
> force create mode, umask, but nothing. So I am very glad for
> any advise on this.

        I hope the below could help you.


I don't have access to the machine right now, but if I remember
> right it is running Samba v3.0.23a. It is the latest yum update
> on Fedora Core5.
Best regards
.. Sascha


I created a folder and set chmod 0777. Thought this must work - only for 
testing purpose. Would set it too 0770, or?!
********************************************
[root@server all]# ls -la
total 32
drwxrwxrwx 3 root   all 4096 Oct 16 00:04 .
drwxrwxrwx 5 root   all 4096 Oct 12 20:39 ..
drwxrwxrwx 2 root   all 4096 Oct 15 23:31 test
-rwxrwxrwx 1 hatice all    8 Oct 13 20:51 test.hat
********************************************

        This is *very* permissive. :)


and set Samba to share this folder:
********************************************
[all]
comment = "All"
path = /etc/samba/data/all
public = no
browseable = yes
writeable = yes
force group = all
force create mode = 0777
force directory mode = 0770
********************************************

        You should store your data files outside /etc.


In the smbd.log I get the following message on Samba service START:
********************************************
[2006/10/16 00:13:29, 2] lib/dmallocmsg.c:register_dmalloc_msgs(71)
  Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
[2006/10/16 00:13:29, 0] auth/auth_util.c:create_builtin_administrators(785)
  create_builtin_administrators: Failed to create Administrators
[2006/10/16 00:13:29, 2] auth/auth_util.c:create_local_nt_token(899)
  create_local_nt_token: Failed to create BUILTIN\Administrators group!
[2006/10/16 00:13:29, 0] auth/auth_util.c:create_builtin_users(751)
  create_builtin_users: Failed to create Users
[2006/10/16 00:13:29, 2] auth/auth_util.c:create_local_nt_token(926)
  create_local_nt_token: Failed to create BUILTIN\Users group!
[2006/10/16 00:13:29, 0] auth/auth_util.c:create_builtin_administrators(785)
  create_builtin_administrators: Failed to create Administrators
[2006/10/16 00:13:29, 2] auth/auth_util.c:create_local_nt_token(899)
  create_local_nt_token: Failed to create BUILTIN\Administrators group!
[2006/10/16 00:13:29, 0] auth/auth_util.c:create_builtin_users(751)
  create_builtin_users: Failed to create Users
[2006/10/16 00:13:29, 2] auth/auth_util.c:create_local_nt_token(926)
  create_local_nt_token: Failed to create BUILTIN\Users group!
[2006/10/16 00:13:29, 2] smbd/server.c:open_sockets_smbd(384)
********************************************

        Did you map the groups? Using 'net groupmap' command? And
did you read the release notes of 3.0.23? There are significant
change on how the groups are handled.


And these error messages when I try to CREATE a folder via SMB Client via Win 
XP:
********************************************
[2006/10/16 00:09:27, 1] smbd/service.c:make_connection_snum(941)
  others (10.11.12.65) connect to service all initially as user sascha 
(uid=501, gid=600) (pid 7528)
[2006/10/16 00:09:27, 2] smbd/reply.c:reply_tcon_and_X(711)
  Serving all as a Dfs root
[2006/10/16 00:09:29, 2] smbd/open.c:open_directory(1936)
  open_directory: unable to create New Folder. Error was Permission denied
[2006/10/16 00:09:29, 2] smbd/open.c:open_directory(1936)
  open_directory: unable to create New Folder. Error was Permission denied
[2006/10/16 00:09:29, 2] smbd/open.c:open_directory(1936)
  open_directory: unable to create New Folder (2). Error was Permission denied
[2006/10/16 00:09:29, 2] smbd/open.c:open_directory(1936)
  open_directory: unable to create New Folder (2). Error was Permission denied
[2006/10/16 00:09:32, 2] smbd/open.c:open_file(352)
********************************************

        You should check the net groupmap.

        Kind regards,

--
Felipe Augusto van de Wiel <felipe@xxxxxxxxxxxxxxxxxxx>
Coordenadoria de Tecnologia da InformaÃÃo (CTI) - SEDU/PARANACIDADE
http://www.paranacidade.org.br/           Phone: (+55 41 3350 3300)
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

<Prev in Thread] Current Thread [Next in Thread>