On 2013-09-25 8:03 PM, Kevin Field wrote:
On 2013-09-25 2:47 PM, Johan Hendriks wrote:
Kevin Field wrote:
Hi,
I have a CentOS 6.4 fileserver running SerNet Samba 4.0.9 with these
global settings (not overridden):
read only = No
force create mode = 0777
force directory mode = 0777
inherit acls = yes
inherit owner = yes
inherit permissions = yes
On a Windows client, I have Thunderbird 24.0 storing its profile and
mail on the Samba share. The perms on everything in the share were
chmod -R 777'd.
Then I get mail, compact a folder, whatever, and it looks like this:
...
-rwxrwxrwx. 1 1128 513 2684 Sep 25 13:20 Templates.msf
-rwxrwx---+ 1 1128 513 0 Sep 25 13:50 Trash
-rwxrwx---+ 1 1128 513 2223 Sep 25 13:50 Trash.msf
Whatever it touches is now 770. How can that be, when the parent of
this folder is 777, Samba is set to inherit and force 0777? Is this
Samba misbehaving, or Thunderbird?
Thanks,
Kev
It looks like the you have acl's active, hence the + after the
permissions rwxrwx---+ .
These acls overrule the local permissions set by samba.
Not samba not thundebird is misbehaving.
regards
Johan Hendriks
I only partially understand. I get that + means some extended ACLs. I
don't get why Samba/Thunderbird makes the file 770 instead of 777. What
I really don't get, though, is--since you mentioned ACLs I went and
checked some example files in Windows--that despite the 777 files having
"Everyone" with no settings, the 770 files have "Everyone" with "Full
Control", not inherited! I certainly didn't intend that for a user's
mail profile :) (Really though, I didn't set things up that way from
the Windows side--this is someone's home drive, in which they have full
control, and I didn't touch the defaults, but I certainly didn't put
Everyone in there, and certainly not with Full Control.)
Where did this come from?
possibility a) smb.conf, in which case I don't understand the settings I
posted here
possibility b) ACLs set by me, which I can't see being the case because
our setup is so simple*
possibility c) ?
* Now just in case, and barring any Group Policy suggestions, what's the
easiest way to, either from Windows or Linux, set it up so that admins
have Full Control over every file, and home drives additionally have
Full Control of the user having the same name as the home dir, and the
'shared' drive has Everyone having Full Control? So far, because our
network is so small, I had done this manually in the past, but it's a
bit of a PITA to do again at this point, since each user's home dir
takes a few minutes to propagate ACL changes through if I use Windows
GUI tools and meanwhile semi-hangs the UI. I don't really care how the
perms look on the Linux end of things, since users only have access via
Windows clients.
From what you said about ACLs overruling, to me it would seem that our
setup is simple enough that we shouldn't need "+"/Windows ACLs at all,
because the normal unix ACLs are more than enough for our purposes,
except that currently, Windows users don't get properly mapped, mainly
because their Linux equivalents don't necessarily exist (e.g. for most
users they don't have a CentOS login, but I do and the "users" group and
such could map from "Domain Users", I guess.) Or even if Linux perms
were the same everywhere, and smb.conf enforced the rules so they came
out right on the Windows side. If someone could lay this out for me,
I'd really find it helpful--I've been trying to make sense of the docs
and tutorials and mailing lists and Q&A sites, and for what I would
think is a fairly common setup, I can't seem to get something working
without glitches for us.
It's just that, somehow, since we recently switched home drives from
W2K3 to Samba serving them up, this has suddenly started happening, and
is somehow causing strange side effects like Thunderbird much more often
deciding to rebuild summary files of mailboxes, and mail not coming in
right away (perhaps due to an un-indicated summary rebuild conflicting
with a too-often mail check), and, well, these strange permissions that
we never had before appearing on most files that Thunderbird modifies.
More help/hints/examples would be much appreciated :)
Thanks Johan,
Kev
As one of my users reports:
I updated to 24.0.
I went offline, then hit "Compact Folders" in the File menu. (It
appeared to compact all my folders.)
Then I rebooted my computer.
Now it is the afternoon, and 2 or 3 of my folders are Building Summary
again !
---
This behaviour has only happened since switching from W2K3 to Samba for
our home drives where Thunderbird profiles live.
What have I done wrong here?
Kev
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
