You have them set to read only read only = yes Mat Enders from my BlackBerry®
-----Original Message----- From: Sebastian Suchanek <sa...@suchanek.de> Sender: samba-boun...@lists.samba.org Date: Sat, 23 Jun 2012 23:38:22 To: <samba@lists.samba.org> Subject: [Samba] Home-Shares are not writeable Hello everyone! After running Samba on several machines for some years, I just came accross a rather strange problem. The short story is that the special user home shares are readable, but not writeable. Here's the long story: The system is a freshly set-up Debian Squeeze, right out of the box. This is the Samba config: -------------------------------- 8< -------------------------------- [global] workgroup = HST server string = %h server dns proxy = no log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 log level = 4 panic action = /usr/share/samba/panic-action %d encrypt passwords = true passdb backend = tdbsam obey pam restrictions = yes unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . pam password change = yes [homes] comment = Home Directories browseable = no read only = yes create mask = 0700 directory mask = 0700 valid users = %S -------------------------------- 8< -------------------------------- (Aside from the added log level line and the removed printer shares, this is exactly the config file as delivered by Debian.) I've added a linux user "testuser" including a home directory and set a Samba password by using "smbpasswd -a testuser". -------------------------------- 8< -------------------------------- tux:/home# ls -la ... drwxr-xr-x 2 testuser testuser 4096 23. Jun 14:01 testuser -------------------------------- 8< -------------------------------- And this is what happens when I try to connect to the share and do a write operation, for instance creating a directoy: -------------------------------- 8< -------------------------------- tux:/home# smbclient -U testuser \\\\localhost\\testuser Enter testuser's password: Domain=[HST] OS=[Unix] Server=[Samba 3.5.6] smb: \> mkdir test NT_STATUS_MEDIA_WRITE_PROTECTED making remote directory \test smb: \> -------------------------------- 8< -------------------------------- As you can see from the directory listing above, the directory of course is not write protected. (BTW: chmod-ing testuser's home directory to 777 didn't change anything.) Here's an excerpt from /var/log/samba/log.tux. I've removed several lines that seemed irrelevant to me in order to keep this mail short. Of course I can supply the skipped lines if needed. -------------------------------- 8< -------------------------------- [2012/06/23 14:07:02.437822, 3] auth/auth.c:216(check_ntlm_password) check_ntlm_password: Checking password for unmapped user [HST]\[testuser]@[TUX] with the new password interface [2012/06/23 14:07:02.437836, 3] auth/auth.c:219(check_ntlm_password) check_ntlm_password: mapped user is: [TUX]\[testuser]@[TUX] [2012/06/23 14:07:02.437849, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2012/06/23 14:07:02.437858, 3] smbd/uid.c:429(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2012/06/23 14:07:02.437865, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2012/06/23 14:07:02.437895, 4] lib/substitute.c:504(automount_server) Home server: tux [2012/06/23 14:07:02.437907, 4] lib/substitute.c:504(automount_server) Home server: tux ... [2012/06/23 14:07:02.438168, 4] lib/substitute.c:504(automount_server) Home server: tux [2012/06/23 14:07:02.438178, 4] lib/substitute.c:504(automount_server) Home server: tux ... [2012/06/23 14:07:02.438345, 4] ../libcli/auth/ntlm_check.c:399(ntlm_password_check) ntlm_password_check: Checking NT MD4 password [2012/06/23 14:07:02.438388, 4] auth/auth_sam.c:180(sam_account_ok) sam_account_ok: Checking SMB password for user testuser ... [2012/06/23 14:07:02.438505, 3] auth/auth.c:265(check_ntlm_password) check_ntlm_password: sam authentication for user [testuser] succeeded [2012/06/23 14:07:02.438513, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2012/06/23 14:07:02.438520, 3] smbd/uid.c:429(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2012/06/23 14:07:02.438527, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2012/06/23 14:07:02.438537, 4] auth/pampass.c:472(smb_pam_start) smb_pam_start: PAM: Init user: testuser [2012/06/23 14:07:02.439100, 4] auth/pampass.c:489(smb_pam_start) smb_pam_start: PAM: setting rhost to: ::ffff:127.0.0.1 [2012/06/23 14:07:02.439113, 4] auth/pampass.c:498(smb_pam_start) smb_pam_start: PAM: setting tty [2012/06/23 14:07:02.439121, 4] auth/pampass.c:506(smb_pam_start) smb_pam_start: PAM: Init passed for user: testuser [2012/06/23 14:07:02.439128, 4] auth/pampass.c:564(smb_pam_account) smb_pam_account: PAM: Account Management for User: testuser [2012/06/23 14:07:02.439189, 4] auth/pampass.c:583(smb_pam_account) smb_pam_account: PAM: Account OK for User: testuser [2012/06/23 14:07:02.439242, 4] auth/pampass.c:450(smb_pam_end) smb_pam_end: PAM: PAM_END OK. [2012/06/23 14:07:02.439255, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2012/06/23 14:07:02.439262, 2] auth/auth.c:304(check_ntlm_password) check_ntlm_password: authentication for user [testuser] -> [testuser] -> [testuser] succeeded ... [2012/06/23 14:07:02.439363, 3] auth/token_util.c:436(create_local_nt_token) Failed to fetch domain sid for HST ... [2012/06/23 14:07:02.439464, 3] auth/token_util.c:467(create_local_nt_token) Failed to fetch domain sid for HST ... [2012/06/23 14:07:02.439596, 3] lib/privileges.c:63(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-21-759687158-2201287895-1803905152-1000] [2012/06/23 14:07:02.439607, 3] lib/privileges.c:63(get_privileges) get_privileges: No privileges assigned to SID [S-1-22-2-1001] [2012/06/23 14:07:02.439619, 3] lib/privileges.c:63(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-2] [2012/06/23 14:07:02.439629, 3] lib/privileges.c:63(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-11] ... [2012/06/23 14:07:02.439802, 3] libsmb/ntlmssp_sign.c:343(ntlmssp_sign_init) NTLMSSP Sign/Seal - Initialising with flags: [2012/06/23 14:07:02.439810, 3] libsmb/ntlmssp.c:65(debug_ntlmssp_flags) Got NTLMSSP neg_flags=0x60088215 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_SIGN NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_ALWAYS_SIGN NTLMSSP_NEGOTIATE_NTLM2 NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH [2012/06/23 14:07:02.439842, 3] smbd/password.c:282(register_existing_vuid) register_existing_vuid: User name: testuser Real name: Test-User [2012/06/23 14:07:02.439851, 3] smbd/password.c:292(register_existing_vuid) register_existing_vuid: UNIX uid 1001 is UNIX user testuser, and will be vuid 100 [2012/06/23 14:07:02.439869, 4] auth/pampass.c:472(smb_pam_start) smb_pam_start: PAM: Init user: testuser [2012/06/23 14:07:02.440321, 4] auth/pampass.c:489(smb_pam_start) smb_pam_start: PAM: setting rhost to: ::ffff:127.0.0.1 [2012/06/23 14:07:02.440332, 4] auth/pampass.c:498(smb_pam_start) smb_pam_start: PAM: setting tty [2012/06/23 14:07:02.440343, 4] auth/pampass.c:506(smb_pam_start) smb_pam_start: PAM: Init passed for user: testuser [2012/06/23 14:07:02.440350, 4] auth/pampass.c:643(smb_internal_pam_session) smb_internal_pam_session: PAM: tty set to: smb/1838/100 [2012/06/23 14:07:02.440432, 4] auth/pampass.c:450(smb_pam_end) smb_pam_end: PAM: PAM_END OK. [2012/06/23 14:07:02.440569, 3] smbd/password.c:223(register_homes_share) Adding homes service for user 'testuser' using home directory: '/home/testuser' [2012/06/23 14:07:02.440604, 3] param/loadparm.c:6265(lp_add_home) adding home's share [testuser] for user 'testuser' at '/home/testuser' [2012/06/23 14:07:02.440729, 3] smbd/process.c:1485(process_smb) Transaction 3 of length 86 (0 toread) [2012/06/23 14:07:02.440751, 3] smbd/process.c:1294(switch_message) switch message SMBtconX (pid 1838) conn 0x0 ... [2012/06/23 14:07:02.440879, 4] lib/substitute.c:504(automount_server) Home server: tux [2012/06/23 14:07:02.440889, 4] lib/substitute.c:504(automount_server) Home server: tux ... [2012/06/23 14:07:02.441062, 3] smbd/vfs.c:97(vfs_init_default) Initialising default vfs hooks [2012/06/23 14:07:02.441074, 3] smbd/vfs.c:122(vfs_init_custom) Initialising custom vfs hooks from [/[Default VFS]/] ... [2012/06/23 14:07:02.441182, 4] lib/substitute.c:504(automount_server) Home server: tux [2012/06/23 14:07:02.441193, 4] lib/substitute.c:504(automount_server) Home server: tux ... [2012/06/23 14:07:02.441353, 3] smbd/service.c:1070(make_connection_snum) tux (::ffff:127.0.0.1) connect to service IPC$ initially as user testuser (uid=1001, gid=1001) (pid 1838) [2012/06/23 14:07:02.441364, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2012/06/23 14:07:02.441375, 3] smbd/reply.c:865(reply_tcon_and_X) tconX service=IPC$ [2012/06/23 14:07:02.441478, 3] smbd/process.c:1485(process_smb) Transaction 4 of length 114 (0 toread) [2012/06/23 14:07:02.441499, 3] smbd/process.c:1294(switch_message) switch message SMBtrans2 (pid 1838) conn 0x7f248e902500 [2012/06/23 14:07:02.441512, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (1001, 1001) - sec_ctx_stack_ndx = 0 [2012/06/23 14:07:02.441529, 4] smbd/vfs.c:721(vfs_ChDir) vfs_ChDir to /tmp [2012/06/23 14:07:02.441555, 3] smbd/msdfs.c:848(get_referred_path) get_referred_path: |testuser| in dfs path \localhost\testuser is not a dfs root. [2012/06/23 14:07:02.441566, 3] smbd/error.c:80(error_packet_set) error packet at smbd/trans2.c(8018) cmd=50 (SMBtrans2) NT_STATUS_NOT_FOUND [2012/06/23 14:07:02.441651, 3] smbd/process.c:1485(process_smb) Transaction 5 of length 39 (0 toread) [2012/06/23 14:07:02.441664, 3] smbd/process.c:1294(switch_message) switch message SMBtdis (pid 1838) conn 0x7f248e902500 [2012/06/23 14:07:02.441674, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2012/06/23 14:07:02.441689, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2012/06/23 14:07:02.441703, 3] smbd/service.c:1251(close_cnum) tux (::ffff:127.0.0.1) closed connection to service IPC$ [2012/06/23 14:07:02.441716, 3] smbd/connection.c:31(yield_connection) Yielding connection to IPC$ [2012/06/23 14:07:02.441740, 4] smbd/vfs.c:721(vfs_ChDir) vfs_ChDir to / [2012/06/23 14:07:02.441749, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2012/06/23 14:07:02.441835, 3] smbd/process.c:1485(process_smb) Transaction 6 of length 96 (0 toread) [2012/06/23 14:07:02.441845, 3] smbd/process.c:1294(switch_message) switch message SMBtconX (pid 1838) conn 0x0 [2012/06/23 14:07:02.441853, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2012/06/23 14:07:02.441864, 4] smbd/reply.c:786(reply_tcon_and_X) Client requested device type [?????] for share [TESTUSER] [2012/06/23 14:07:02.441876, 3] lib/util_sid.c:228(string_to_sid) string_to_sid: Sid testuser does not start with 'S-'. [2012/06/23 14:07:02.441889, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2012/06/23 14:07:02.441897, 3] smbd/uid.c:429(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2012/06/23 14:07:02.441903, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2012/06/23 14:07:02.441918, 4] lib/substitute.c:504(automount_server) Home server: tux [2012/06/23 14:07:02.441929, 4] lib/substitute.c:504(automount_server) Home server: tux ... [2012/06/23 14:07:02.442061, 4] lib/substitute.c:504(automount_server) Home server: tux [2012/06/23 14:07:02.442070, 4] lib/substitute.c:504(automount_server) Home server: tux ... [2012/06/23 14:07:02.442299, 4] lib/substitute.c:504(automount_server) Home server: tux [2012/06/23 14:07:02.442309, 4] lib/substitute.c:504(automount_server) Home server: tux ... [2012/06/23 14:07:02.442453, 3] smbd/service.c:807(make_connection_snum) Connect path is '/home/testuser' for service [testuser] [2012/06/23 14:07:02.442466, 3] smbd/vfs.c:97(vfs_init_default) Initialising default vfs hooks [2012/06/23 14:07:02.442474, 3] smbd/vfs.c:122(vfs_init_custom) Initialising custom vfs hooks from [/[Default VFS]/] [2012/06/23 14:07:02.442571, 3] lib/util_sid.c:228(string_to_sid) string_to_sid: Sid testuser does not start with 'S-'. [2012/06/23 14:07:02.442583, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2012/06/23 14:07:02.442590, 3] smbd/uid.c:429(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2012/06/23 14:07:02.442597, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2012/06/23 14:07:02.442611, 4] lib/substitute.c:504(automount_server) Home server: tux [2012/06/23 14:07:02.442623, 4] lib/substitute.c:504(automount_server) Home server: tux ... [2012/06/23 14:07:02.442755, 4] lib/substitute.c:504(automount_server) Home server: tux [2012/06/23 14:07:02.442764, 4] lib/substitute.c:504(automount_server) Home server: tux ... [2012/06/23 14:07:02.442992, 4] lib/substitute.c:504(automount_server) Home server: tux [2012/06/23 14:07:02.443002, 4] lib/substitute.c:504(automount_server) Home server: tux ... [2012/06/23 14:07:02.443161, 1] smbd/service.c:1070(make_connection_snum) tux (::ffff:127.0.0.1) connect to service testuser initially as user testuser (uid=1001, gid=1001) (pid 1838) [2012/06/23 14:07:02.443172, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2012/06/23 14:07:02.443184, 3] smbd/reply.c:865(reply_tcon_and_X) tconX service=TESTUSER [2012/06/23 14:07:02.443521, 3] smbd/process.c:1485(process_smb) Transaction 7 of length 57 (0 toread) [2012/06/23 14:07:02.443532, 3] smbd/process.c:1294(switch_message) switch message SMBecho (pid 1838) conn 0x7f248e902500 [2012/06/23 14:07:02.443539, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2012/06/23 14:07:02.443555, 3] smbd/reply.c:4978(reply_echo) echo 1 times [2012/06/23 14:07:05.484171, 3] smbd/process.c:1485(process_smb) Transaction 8 of length 52 (0 toread) [2012/06/23 14:07:05.484194, 3] smbd/process.c:1294(switch_message) switch message SMBmkdir (pid 1838) conn 0x7f248e902500 [2012/06/23 14:07:05.484206, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (1001, 1001) - sec_ctx_stack_ndx = 0 [2012/06/23 14:07:05.484222, 3] smbd/error.c:80(error_packet_set) error packet at smbd/process.c(1354) cmd=0 (SMBmkdir) NT_STATUS_MEDIA_WRITE_PROTECTED [2012/06/23 14:07:07.068152, 3] smbd/process.c:1485(process_smb) Transaction 9 of length 57 (0 toread) [2012/06/23 14:07:07.068173, 3] smbd/process.c:1294(switch_message) switch message SMBecho (pid 1838) conn 0x7f248e902500 [2012/06/23 14:07:07.068185, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2012/06/23 14:07:07.068215, 3] smbd/reply.c:4978(reply_echo) echo 1 times [2012/06/23 14:07:07.644148, 3] smbd/process.c:1485(process_smb) Transaction 10 of length 39 (0 toread) [2012/06/23 14:07:07.644170, 3] smbd/process.c:1294(switch_message) switch message SMBtdis (pid 1838) conn 0x7f248e902500 [2012/06/23 14:07:07.644181, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2012/06/23 14:07:07.644195, 4] smbd/vfs.c:721(vfs_ChDir) vfs_ChDir to /home/testuser [2012/06/23 14:07:07.644209, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2012/06/23 14:07:07.644219, 1] smbd/service.c:1251(close_cnum) tux (::ffff:127.0.0.1) closed connection to service testuser [2012/06/23 14:07:07.644228, 3] smbd/connection.c:31(yield_connection) Yielding connection to testuser [2012/06/23 14:07:07.644245, 4] smbd/vfs.c:721(vfs_ChDir) vfs_ChDir to / [2012/06/23 14:07:07.644253, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2012/06/23 14:07:07.659571, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2012/06/23 14:07:07.659600, 4] auth/pampass.c:472(smb_pam_start) smb_pam_start: PAM: Init user: testuser [2012/06/23 14:07:07.660099, 4] auth/pampass.c:489(smb_pam_start) smb_pam_start: PAM: setting rhost to: ::ffff:127.0.0.1 [2012/06/23 14:07:07.660112, 4] auth/pampass.c:498(smb_pam_start) smb_pam_start: PAM: setting tty [2012/06/23 14:07:07.660119, 4] auth/pampass.c:506(smb_pam_start) smb_pam_start: PAM: Init passed for user: testuser [2012/06/23 14:07:07.660125, 4] auth/pampass.c:643(smb_internal_pam_session) smb_internal_pam_session: PAM: tty set to: smb/1838/100 [2012/06/23 14:07:07.660200, 4] auth/pampass.c:450(smb_pam_end) smb_pam_end: PAM: PAM_END OK. [2012/06/23 14:07:07.660221, 3] smbd/connection.c:31(yield_connection) Yielding connection to [2012/06/23 14:07:07.660268, 3] smbd/server.c:906(exit_server_common) Server exit (failed to receive smb request) -------------------------------- 8< -------------------------------- Unfortunately, I'm not particularly good at reading Samba logs... So does anyone know what exactly is going on here and how to fix it? Best regards, Sebastian -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba