Hello all, I've been dealing with this problem for years now and I am a bit fed up with it. Maybe some of you can shed some light on the situation. My Samba server sets the uid/gid/permissions incorrectly when a file is written to the server filesystem over CIFS. I currently use the account remotemounter for mounting Samba shares. Even with the 'setuids' option set, files are still written with remotemounter's default user:group:umask settings. I know that Samba will fall back to the standard UID/GID of the mounting username if the CIFS Unix Extensions are unavailable, but I don't know why the CIFS Unix Extensions wouldn't be available. Anybody have any ideas?
---Client mount command --- hydr...@bran ~ $ sudo mount -vv /mnt/Multimedia/ parsing options: rw,credentials=/etc/samba/cred-remotemounter,setuids,acl,noperms mount.cifs kernel mount options unc=//brigid.tygerclan.local\multimedia,ip=192.168.1.4,user=remotemounter,pass={mypassword},ver=1,rw,credentials=/etc/samba/cred-remotemounter,setuids,acl,noperms Client: Gentoo Linux net-fs/mount-cifs-3.0.30 net-fs/samba-3.0.33 -------------------------------------- --- Server Config---------------- [global] dos charset = CP850 unix charset = UTF-8 display charset = LOCALE workgroup = TYGERCLAN realm = netbios name = BRIGID netbios aliases = netbios scope = server string = brigid.tygerclan.net interfaces = bind interfaces only = No security = USER auth methods = encrypt passwords = Yes update encrypted = No client schannel = Auto server schannel = Auto allow trusted domains = Yes map to guest = Bad User null passwords = No obey pam restrictions = No password server = * smb passwd file = /etc/samba/smbpasswd private dir = /etc/samba passdb backend = ldapsam:ldap://ldap-slave.tygerclan.local algorithmic rid base = 1000 root directory = guest account = nobody enable privileges = Yes pam password change = No passwd program = passwd chat = *new*password* %n\n *new*password* %n\n *changed* passwd chat debug = No passwd chat timeout = 2 check password script = username map = password level = 0 username level = 0 unix password sync = No restrict anonymous = 0 lanman auth = No ntlm auth = Yes client NTLMv2 auth = No client lanman auth = Yes client plaintext auth = No preload modules = use kerberos keytab = No log level = 0 syslog = 1 syslog only = No log file = /var/log/samba/log.%m max log size = 50 debug timestamp = Yes debug prefix timestamp = No debug hires timestamp = No debug pid = No debug uid = No enable core files = Yes smb ports = 445 139 large readwrite = Yes max protocol = NT1 min protocol = CORE read bmpx = No read raw = Yes write raw = Yes disable netbios = No reset on 
zero vc = No acl compatibility = auto defer sharing violations = Yes nt pipe support = Yes nt status support = Yes announce version = 4.9 announce as = NT max mux = 50 max xmit = 16644 name resolve order = lmhosts wins host bcast max ttl = 259200 max wins ttl = 518400 min wins ttl = 21600 time server = No unix extensions = Yes use spnego = Yes client signing = auto server signing = No client use spnego = Yes enable asu support = No svcctl list = deadtime = 0 getwd cache = Yes keepalive = 300 lpq cache time = 30 max smbd processes = 0 paranoid server security = Yes max disk size = 0 max open files = 10000 open files database hash size = 10007 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 use mmap = Yes hostname lookups = No name cache timeout = 660 load printers = Yes printcap cache time = 750 printcap name = cups cups server = iprint server = disable spoolss = No addport command = enumports command = addprinter command = deleteprinter command = show add printer wizard = Yes os2 driver map = mangling method = hash2 mangle prefix = 1 max stat cache size = 1024 stat cache = Yes machine password timeout = 604800 add user script = /usr/sbin/smbldap-useradd '%u' rename user script = delete user script = /usr/sbin/smbldap-userdel '%u' add group script = /usr/sbin/smbldap-groupadd '%g' && /usr/sbin/smbldap-groupshow %g|awk '/^gidNumber:/ {print $2}' delete group script = /usr/sbin/smbldap-userdel '%g' add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g' delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' '%g' set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u' add machine script = /usr/sbin/smbldap-useradd -w -d /dev/null -g 'Domain Computers' -c 'Machine Account' -s /bin/false '%u' shutdown script = abort shutdown script = username map script = logon script = logon path = \\brigid.tygerclan.net\Profiles\%U logon drive = logon home = \\brigid.tygerclan.local\%U\.profile domain logons = Yes os level = 20 lm announce = 
Auto lm interval = 60 preferred master = Yes local master = Yes domain master = Yes browse list = Yes enhanced browsing = Yes dns proxy = No wins proxy = No wins server = wins support = Yes wins hook = kernel oplocks = Yes lock spin time = 200 oplock break wait time = 0 ldap admin dn = cn=Manager,dc=tygerclan,dc=net ldap delete dn = No ldap group suffix = ou=Groups ldap idmap suffix = ou=Idmap ldap machine suffix = ou=Computers ldap passwd sync = no ldap replication sleep = 1000 ldap suffix = dc=tygerclan,dc=net ldap ssl = no ldap timeout = 15 ldap page size = 1024 ldap user suffix = ou=People ldap debug level = 0 ldap debug threshold = 10 add share command = change share command = delete share command = eventlog list = config file = preload = lock directory = pid directory = /var/run/samba utmp directory = wtmp directory = utmp = No default service = message command = get quota command = set quota command = remote announce = remote browse sync = socket address = 0.0.0.0 homedir map = auto.home afs username map = afs token lifetime = 604800 log nt token command = time offset = 0 NIS homedir = No usershare allow guests = No usershare max shares = 100 usershare owner only = Yes usershare path = /var/lib/samba/usershares usershare prefix allow list = usershare prefix deny list = usershare template share = panic action = host msdfs = Yes passdb expand explicit = No idmap domains = idmap backend = idmap alloc backend = idmap cache time = 900 idmap negative cache time = 120 idmap uid = idmap gid = template homedir = /home/%D/%U template shell = /bin/false winbind separator = \ winbind cache time = 300 winbind enum users = No winbind enum groups = No winbind use default domain = No winbind trusted domains only = No winbind nested groups = Yes winbind nss info = template winbind refresh tickets = No winbind offline logon = No winbind normalize names = No comment = path = username = invalid users = valid users = admin users = read list = write list = printer admin = force 
user = force group = read only = Yes acl check permissions = Yes acl group control = No acl map full control = Yes create mask = 0744 force create mode = 00 security mask = 0777 force security mode = 00 directory mask = 0755 force directory mode = 00 directory security mask = 0777 force directory security mode = 00 force unknown acl user = No inherit permissions = No inherit acls = No inherit owner = No guest only = No administrative share = No guest ok = No only user = No hosts allow = hosts deny = allocation roundup size = 1048576 aio read size = 0 aio write size = 0 aio write behind = ea support = Yes nt acl support = Yes profile acls = No map acl inherit = No afs share = No block size = 1024 change notify = Yes directory name cache size = 100 kernel change notify = Yes max connections = 0 min print space = 0 strict allocate = No strict sync = No sync always = No use sendfile = No write cache size = 0 max reported print jobs = 0 max print jobs = 1000 printable = No printing = cups cups options = print command = lpq command = %p lprm command = lppause command = lpresume command = queuepause command = queueresume command = printer name = use client driver = No default devmode = Yes force printername = No printjob username = %U default case = lower case sensitive = Auto preserve case = Yes short preserve case = Yes mangling char = ~ hide dot files = Yes hide special files = No hide unreadable = No hide unwriteable files = No delete veto files = No veto files = hide files = veto oplock files = map archive = Yes map hidden = No map system = No map readonly = yes mangled names = Yes mangled map = store dos attributes = No dmapi support = No browseable = Yes blocking locks = Yes csc policy = manual fake oplocks = No locking = Yes oplocks = Yes level2 oplocks = Yes oplock contention limit = 2 posix locking = Yes strict locking = Auto share modes = Yes dfree cache time = 0 dfree command = copy = include = preexec = preexec close = No postexec = root preexec = root 
preexec close = No root postexec = available = Yes volume = fstype = NTFS set directory = No wide links = Yes follow symlinks = Yes dont descend = magic script = magic output = delete readonly = No dos filemode = No dos filetimes = Yes dos filetime resolution = No fake directory create times = No vfs objects = msdfs root = No msdfs proxy = [homes] comment = Home Directories read only = No browseable = No [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon guest ok = Yes [Profiles] path = /var/lib/samba/profiles guest ok = Yes browseable = No [printers] comment = All Printers path = /var/spool/samba create mask = 0700 guest ok = Yes printable = Yes browseable = No [print$] path = /var/lib/samba/printers write list = @adm, root guest ok = Yes [portage] comment = Gentoo Portage files path = /data/distro-specific/Gentoo valid users = portage write list = portage force user = root force group = portage read only = No create mask = 0750 force create mode = 0640 directory mask = 0750 force directory mode = 0750 hosts allow = 192.168.1. 
[Multimedia]
path = /data/archive/Multimedia
valid users = @Multimedia
write list = @Multimedia

[Adult]
path = /data/archive/Adult
valid users = @Adult
write list = @Adult
read only = No
browseable = No

[Windows]
comment = Windows Applications
path = /data/archive/Windows
write list = @Windows
force group = Windows
create mask = 0640
force create mode = 0640
directory mask = 0770
force directory mode = 0770

[Linux]
comment = Linux Files
path = /data/archive/Linux
write list = @Linux
force group = Linux
create mask = 0640
force create mode = 0640
directory mask = 0770
force directory mode = 0770

[Roms]
comment = Roms Image Files
path = /data/archive/Roms
valid users = @Roms
write list = @Roms
force group = Roms
create mask = 0640
force create mode = 0640
directory mask = 0770
force directory mode = 0770

[ISOs]
comment = Mounted ISOs
path = /mnt/ISOs
read list = @ISOs

[btimport]
comment = Place .torrent files here to be downloaded
path = /data/bittorrent/import
valid users = @p2pusers
write list = @p2pusers
force user = p2p
read only = No

[BTDownloads]
comment = Completed BitTorrents
path = /data/bittorrent/complete
valid users = @p2pusers
write list = @p2pusers

Samba-3.0.28a
-------------------------------------------------------------