subject:"\[Samba\] permissions problem"

Re: [Samba] Permissions problem

2013-01-09 Thread Bruno MACADRE


Le 24/12/2012 17:33, Michael B. Trausch a écrit :

On 12/20/2012 10:05 AM, Bruno MACADRE wrote:

If I copy this file in command line the mode is 660 as expected, If I
want to simulate the file explorer behaviour I must do a 'cp
--preserve=mode' copy.

 Is there a way to forbid this behaviour ? Or is there something
wrong in my configuration ?


The only way that I could think of would be to write a Samba VFS module
that prevented invocation of the chown(2) and chmod(2) system calls (and
friends).  Such a VFS module would need to return a suitable error code,
which would more than likely then be passed back to the client.

Or you could simply stub the chown/chmod (and friends!) system calls
such that they return success but are effectively no-ops.

Someone else with more intimate experience with Samba's code may have a
better option, but that's the only one I can think of at the moment.

HTH,
Mike

That was a really good idea, I've just write fake_chmod VFS module 
that intercept chmod (and friends) invocations and return 0 without do 
anything.


This module works perfectly. I tested it with nautilus and the final 
rights on the file are like expected. I haven't tested on win7 yet but I 
think that it should be the same behaviour.


Thanks for your idea,
Bruno


--

Bruno MACADRE
---
 Ingénieur Systèmes et Réseau | Systems and Network Engineer
 Département Informatique | Department of computer science
 Responsable Réseau et Téléphonie | Telecom and Network Manager
 Université de Rouen  | University of Rouen
---
Coordonnées / Contact :
Université de Rouen
Faculté des Sciences et Techniques - Madrillet
Avenue de l'Université - BP12
76801 St Etienne du Rouvray CEDEX
FRANCE

Tél : +33 (0)2-32-95-51-86
Fax : +33 (0)2-32-95-51-87
---

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Permissions problem

2012-12-31 Thread TAKAHASHI Motonobu

From: Michael B. Trausch m...@naunetcorp.com
Date: Mon, 24 Dec 2012 11:33:44 -0500

 On 12/20/2012 10:05 AM, Bruno MACADRE wrote:
 If I copy this file in command line the mode is 660 as expected, If I
 want to simulate the file explorer behaviour I must do a 'cp
 --preserve=mode' copy.
 
 Is there a way to forbid this behaviour ? Or is there something
 wrong in my configuration ?

Does unix extensions = no help your problem?

---
TAKAHASHI Motonobu mo...@monyo.com


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Permissions problem

2012-12-24 Thread Michael B. Trausch

On 12/20/2012 10:05 AM, Bruno MACADRE wrote:
 If I copy this file in command line the mode is 660 as expected, If I
 want to simulate the file explorer behaviour I must do a 'cp
 --preserve=mode' copy.
 
 Is there a way to forbid this behaviour ? Or is there something
 wrong in my configuration ?

The only way that I could think of would be to write a Samba VFS module
that prevented invocation of the chown(2) and chmod(2) system calls (and
friends).  Such a VFS module would need to return a suitable error code,
which would more than likely then be passed back to the client.

Or you could simply stub the chown/chmod (and friends!) system calls
such that they return success but are effectively no-ops.

Someone else with more intimate experience with Samba's code may have a
better option, but that's the only one I can think of at the moment.

HTH,
Mike

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Permissions problem

2012-12-20 Thread Bruno MACADRE


Hi,

	I've got a strange behaviour on a share when I copy files with files 
explorers (like Thunar, Nautilus, ...).


This is the share configuration :
[share1]
comment = Share 01
path = /home/shares/share1
valid users = +share1
force group = share1
read only = No
create mask = 0660
force create mode = 0660
directory mask = 1770
force directory mode = 1770
browseable = No
strict locking = Yes

	When I copy/paste a file from my computer (which has 444 mode) to the 
share the resultant file has 444 mode (instead of the 660 expected).


	I think the mode was changed by the file explorer 'cause when the file 
was created on the share (and during the copy process) the mode is 660 
(like expected) it's just at the end of the copy that the mode was 
change to reflect mode of the source file.


	If I copy this file in command line the mode is 660 as expected, If I 
want to simulate the file explorer behaviour I must do a 'cp 
--preserve=mode' copy.


	Is there a way to forbid this behaviour ? Or is there something wrong 
in my configuration ?


Thanx by advance,
Regards
Bruno


--

Bruno MACADRE
---
 Ingénieur Systèmes et Réseau | Systems and Network Engineer
 Département Informatique | Department of computer science
 Responsable Réseau et Téléphonie | Telecom and Network Manager
 Université de Rouen  | University of Rouen
---
Coordonnées / Contact :
Université de Rouen
Faculté des Sciences et Techniques - Madrillet
Avenue de l'Université - BP12
76801 St Etienne du Rouvray CEDEX
FRANCE

Tél : +33 (0)2-32-95-51-86
Fax : +33 (0)2-32-95-51-87
---

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Permissions problem

2010-12-03 Thread Bruno MACADRE


Well,

	I've searched on samba.org why these two versions don't have the same 
behaviour and I found that's a bug in 3.3.0.


So now the problem is a little bit different :
I'm on a SAMBA 3.5.6 Server with this share :
[partinfo]
path=/shares/partinfo
valid users = +info
force user = %U
force group = info
write list = +info
public = No
create mask = 0660
directory mask = 0770

and localy :
drwxrwx--T 21 root info 4096 2009-01-17 08:38 partinfo

Localy the behaviour is Ok :
User FOO put a file in /shares/partinfo :
-rw-rw 1 foo info 9 2010-12-03 11:00 foo_file

If user BAR wants to delete it : Permission Denied
If user BAR wants to modify it : Ok

Remotely the behaviour is Bad :
If user BAR mount this share and try to delete the file foo_file : 
Permission Denied (Nice !)

If user BAR try to modify it : Permission Denied (Not Nice...) !

I've tried lot of modifications into my smb.conf but nothing works.

I want my share works identicaly localy and remotely !! I want that all 
users in info group can modify all files (except these without 'w' 
rights) but can only delete files that they own...


I'm sure it's possible with SAMBA, but how ?


Le 01/12/2010 15:53, Bruno MACADRE a écrit :

Permissions for the share are the same in 3.3.0 and 3.5.6, like this :

drwxrwx--- 21 root info 4096 2009-01-17 08:38 partinfo

thx,

Le 01/12/2010 12:14, George Mamalakis a écrit :

On 01/12/2010 11:38, Bruno MACADRE wrote:

Hello all,

I've got an old server running SAMBA 3.3.0. I've some shares on it.
All shares looks like this :

[partinfo]
path=/shares/partinfo
valid users = +info
force user = %U
force group = info
read only = No
create mask = 0660
directory mask = 0770

All works perfectly : When I create a file on this share other users
in the info group can modify it but nobody can delete it (exactly that
i want).

But, it's time to change our server and to put a newer version of
SAMBA (3.5.6). On the new server, the behaviour is totaly different
(with the same smb.conf file) : When I create a new file, other users
n the group info can modify it AND delete it (exactly that i don't
want) !!!

Worst ! When I put in this share (localy in root) a file like this :
# echo Test /shares/partinfo/testfile
# chown root.root /shares/partinfo/testfile
# chmod 600 /shares/partinfo/testfile

When I return to my share (like above) with my user (not admin user) I
can delete the file 'testfile' without any problem !!!

I think this behaviour is not the 'normal' behaviour. What can I've
missed ? Does anyone have any tips ?

Regards,
Bruno.



Please, show as the /shares/partinfo permissions (which is responsible
for reading/writing content into it).

Thanx,

mamalos







--

Bruno MACADRE
---
 Ingénieur Systèmes et Réseau | Systems and Network Engineer
 Département Informatique | Department of computer science
 Responsable Réseau et Téléphonie | Telecom and Network Manager
 Université de Rouen  | University of Rouen
---
Coordonnées / Contact :
Université de Rouen
Faculté des Sciences et Techniques - Madrillet
Avenue de l'Université - BP12
76801 St Etienne du Rouvray CEDEX
FRANCE

Tél : +33 (0)2-32-95-51-86
Fax : +33 (0)2-32-95-51-87
---

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Permissions problem

2010-12-01 Thread Bruno MACADRE


Hello all,

	I've got an old server running SAMBA 3.3.0. I've some shares on it. All 
shares looks like this :


[partinfo]
path=/shares/partinfo
valid users = +info
force user = %U
force group = info
read only = No
create mask = 0660
directory mask = 0770

All works perfectly : When I create a file on this share other users in 
the info group can modify it but nobody can delete it (exactly that i want).


But, it's time to change our server and to put a newer version of SAMBA 
(3.5.6). On the new server, the behaviour is totaly different (with the 
same smb.conf file) : When I create a new file, other users n the group 
info can modify it AND delete it (exactly that i don't want) !!!


Worst ! When I put in this share (localy in root) a file like this :
# echo Test /shares/partinfo/testfile
# chown root.root /shares/partinfo/testfile
# chmod 600 /shares/partinfo/testfile

When I return to my share (like above) with my user (not admin user) I 
can delete the file 'testfile' without any problem !!!


I think this behaviour is not the 'normal' behaviour. What can I've 
missed ? Does anyone have any tips ?


Regards,
Bruno.


--

Bruno MACADRE
---
 Ingénieur Systèmes et Réseau | Systems and Network Engineer
 Département Informatique | Department of computer science
 Responsable Réseau et Téléphonie | Telecom and Network Manager
 Université de Rouen  | University of Rouen
---
Coordonnées / Contact :
Université de Rouen
Faculté des Sciences et Techniques - Madrillet
Avenue de l'Université - BP12
76801 St Etienne du Rouvray CEDEX
FRANCE

Tél : +33 (0)2-32-95-51-86
Fax : +33 (0)2-32-95-51-87
---

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Permissions problem

2010-12-01 Thread George Mamalakis


On 01/12/2010 11:38, Bruno MACADRE wrote:

Hello all,

I've got an old server running SAMBA 3.3.0. I've some shares on 
it. All shares looks like this :


[partinfo]
path=/shares/partinfo
valid users = +info
force user = %U
force group = info
read only = No
create mask = 0660
directory mask = 0770

All works perfectly : When I create a file on this share other users 
in the info group can modify it but nobody can delete it (exactly that 
i want).


But, it's time to change our server and to put a newer version of 
SAMBA (3.5.6). On the new server, the behaviour is totaly different 
(with the same smb.conf file) : When I create a new file, other users 
n the group info can modify it AND delete it (exactly that i don't 
want) !!!


Worst ! When I put in this share (localy in root) a file like this :
# echo Test /shares/partinfo/testfile
# chown root.root /shares/partinfo/testfile
# chmod 600 /shares/partinfo/testfile

When I return to my share (like above) with my user (not admin user) I 
can delete the file 'testfile' without any problem !!!


I think this behaviour is not the 'normal' behaviour. What can I've 
missed ? Does anyone have any tips ?


Regards,
Bruno.


Please, show as the /shares/partinfo permissions (which is responsible 
for reading/writing content into it).


Thanx,

mamalos

--
George Mamalakis

IT Officer
Electrical and Computer Engineer (Aristotle Un. of Thessaloniki),
MSc (Imperial College of London)

Department of Electrical and Computer Engineering
Faculty of Engineering
Aristotle University of Thessaloniki

phone number : +30 (2310) 994379

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Permissions problem

2010-12-01 Thread Bruno MACADRE


Permissions for the share are the same in 3.3.0 and 3.5.6, like this :

drwxrwx--- 21 root info4096 2009-01-17 08:38 partinfo

thx,

Le 01/12/2010 12:14, George Mamalakis a écrit :

On 01/12/2010 11:38, Bruno MACADRE wrote:

Hello all,

I've got an old server running SAMBA 3.3.0. I've some shares on it.
All shares looks like this :

[partinfo]
path=/shares/partinfo
valid users = +info
force user = %U
force group = info
read only = No
create mask = 0660
directory mask = 0770

All works perfectly : When I create a file on this share other users
in the info group can modify it but nobody can delete it (exactly that
i want).

But, it's time to change our server and to put a newer version of
SAMBA (3.5.6). On the new server, the behaviour is totaly different
(with the same smb.conf file) : When I create a new file, other users
n the group info can modify it AND delete it (exactly that i don't
want) !!!

Worst ! When I put in this share (localy in root) a file like this :
# echo Test /shares/partinfo/testfile
# chown root.root /shares/partinfo/testfile
# chmod 600 /shares/partinfo/testfile

When I return to my share (like above) with my user (not admin user) I
can delete the file 'testfile' without any problem !!!

I think this behaviour is not the 'normal' behaviour. What can I've
missed ? Does anyone have any tips ?

Regards,
Bruno.



Please, show as the /shares/partinfo permissions (which is responsible
for reading/writing content into it).

Thanx,

mamalos




--

Bruno MACADRE
---
 Ingénieur Systèmes et Réseau | Systems and Network Engineer
 Département Informatique | Department of computer science
 Responsable Réseau et Téléphonie | Telecom and Network Manager
 Université de Rouen  | University of Rouen
---
Coordonnées / Contact :
Université de Rouen
Faculté des Sciences et Techniques - Madrillet
Avenue de l'Université - BP12
76801 St Etienne du Rouvray CEDEX
FRANCE

Tél : +33 (0)2-32-95-51-86
Fax : +33 (0)2-32-95-51-87
---

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] permissions problem with hide dot files = No

2010-05-20 Thread stephan

Hi,

Running 3.0.28-0.2-1625-SUSE-CODE10,
if in /etc/samba/smb.conf the hide dot files parameter is set to No then
on the client I see

$ touch hi
touch: cannot touch `hi': Permission denied
$ ls -alh
total 4.0K
drwxrwxr-x 10  500 users0 2010-05-20 14:27 .
drwxr-xr-x 29 root root  4.0K 2010-05-18 16:36 ..
...
-rw-r-  1 root users0 2010-05-20 14:27 hi
...
$ rm hi
rm: remove write-protected regular empty file `hi'? yes
$ ls hi
ls: cannot access hi: No such file or directory

It does not seem the permissions of the directory matter, the files created
are always owned by root despite the creating process saying permission
denied.  And they are always deletable.  No client-side options made any
difference until we stumbled upon hide dot files = Yes which worked, and
now files are created correctly with proper permissions.

cheers,
stephan

PS: the entry in smb.conf
[xxx]
inherit acls = Yes
path = /xxx
 read only = No
valid users = 
browseable = Yes
 writeable = yes
hide dot files = Yes
inherit permissions = Yes
 admin users = xxx
create mask = 660
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Samba permissions problem, winbind auth, ldap nss

2010-04-07 Thread Eddy Sturg

Greetings list,

I'm having a problem setting file permissions for users connecting to my
samba file server.  CentOS 5.4, samba-3.0.33-3.15.el5_4.1.

I have authentication configured to use winbind, and name services
configured to use LDAP.

I've configured valid users in smb.conf to contain DOMAIN\username for the
users I want to be able to connect.

They can browse the share just fine, and they have group ownership, mode
775.

What I'm confused about is that they can create a new file or directory, but
they cannot delete or rename a file or directory - even one they've created.

If I create a test file, give it a mode of 777, they cannot rename or delete
(or edit) that file.

Also - I have read only = no in smb.conf for that share.

Any suggestions on what I am missing would be most appreciated.

Thanks,

Eddy

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Fwd: Samba permissions problem, winbind auth, ldap nss

2010-04-07 Thread Eddy Sturg

Sorry folks - false alarm.  A bit of searching in the archives showed me
that I needed:

admin users = DOMAIN\username

Fixed the problem.

Carry on...


-- Forwarded message --
From: Eddy Sturg tride2...@gmail.com
Date: Wed, Apr 7, 2010 at 10:40 AM
Subject: Samba permissions problem, winbind auth, ldap nss
To: samba@lists.samba.org


Greetings list,

I'm having a problem setting file permissions for users connecting to my
samba file server.  CentOS 5.4, samba-3.0.33-3.15.el5_4.1.

I have authentication configured to use winbind, and name services
configured to use LDAP.

I've configured valid users in smb.conf to contain DOMAIN\username for the
users I want to be able to connect.

They can browse the share just fine, and they have group ownership, mode
775.

What I'm confused about is that they can create a new file or directory, but
they cannot delete or rename a file or directory - even one they've created.

If I create a test file, give it a mode of 777, they cannot rename or delete
(or edit) that file.

Also - I have read only = no in smb.conf for that share.

Any suggestions on what I am missing would be most appreciated.

Thanks,

Eddy

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Permissions problem with Windows Vista / 7 clients, Debian Samba 3.4.7 server

2010-03-17 Thread Josh Kelley

On Mon, Mar 15, 2010 at 3:24 PM, Josh Kelley josh...@gmail.com wrote:

 I'm having a very strange permissions problem with Samba 3.4.7 (installed
 via backports.org) running on Debian Lenny:

 If a Windows 7 or Windows Vista client tries to use Windows Explorer to
 access a user's home directory with permissions 0700, the client gets a
 permission denied error.

 If the directory is made world readable, it works.  (For one user, group
 readable also works.  For another user, it does not.)

 Accessing the same directory from the command prompt (dir
 \\server\username) instead of from Windows Explorer works.

 Accessing the same directory from Windows Explorer in Windows XP works.

 This problem started when we upgraded from Samba 3.2.5 to Samba 3.4.7.
 With Samba 3.2.5, our Vista users were fine, but Windows 7 was unable to
 connect (login failed, apparently due to the NTLMv2 / 128-bit encryption
 limitations that I read about online).


I managed to fix this problem.  I had been using a username map script since
Samba 3.0.24 to change DOMAIN\username to username so that users
wouldn't have to SSH in to the (Winbind plus) Samba system as
DOMAIN\username.  Apparently, with Samba 3.4.7, this kind of username map is
no longer necessary, and it was keeping Samba from treating users as domain
users and properly resolving their SIDs.

The Samba logfile does say that this is happening (with references to the
Unix User domain and use of a S-1-22-1-... SID), but I had not looked at
that part of the logfile.

I really don't understand why username map is acting differently now, but
since disabling it seems to work, I'm happy.

-- 
Josh Kelley
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Permissions problem with Windows Vista / 7 clients, Debian Samba 3.4.7 server

2010-03-15 Thread Josh Kelley

I'm having a very strange permissions problem with Samba 3.4.7 (installed
via backports.org) running on Debian Lenny:

If a Windows 7 or Windows Vista client tries to use Windows Explorer to
access a user's home directory with permissions 0700, the client gets a
permission denied error.

If the directory is made world readable, it works.  (For one user, group
readable also works.  For another user, it does not.)

Accessing the same directory from the command prompt (dir
\\server\username) instead of from Windows Explorer works.

Accessing the same directory from Windows Explorer in Windows XP works.

This problem started when we upgraded from Samba 3.2.5 to Samba 3.4.7.  With
Samba 3.2.5, our Vista users were fine, but Windows 7 was unable to connect
(login failed, apparently due to the NTLMv2 / 128-bit encryption limitations
that I read about online).

Here's a snippet from the log file:
[2010/03/15 15:09:58,  3] smbd/process.c:1273(switch_message)
  switch message SMBntcreateX (pid 10955) conn 0x884d9d0
[2010/03/15 15:09:58,  4] smbd/uid.c:256(change_to_user)
  change_to_user: Skipping user change - already user
[2010/03/15 15:09:58,  5] smbd/filename.c:148(unix_convert)
  unix_convert called on file 
[2010/03/15 15:09:58,  5] smbd/filename.c:181(unix_convert)
  conversion finished  - .
[2010/03/15 15:09:58,  3] smbd/vfs.c:865(check_reduced_name)
  reduce_name [.] [/home/jkelley]
[2010/03/15 15:09:58,  3] smbd/vfs.c:974(check_reduced_name)
  reduce_name: . reduced to /home/jkelley
[2010/03/15 15:09:58,  5] smbd/files.c:103(file_new)
  allocated file structure 11470, fnum = 15566 (2 used)
[2010/03/15 15:09:58,  3] smbd/dosmode.c:149(unix_mode)
  unix_mode(.) returning 0700
[2010/03/15 15:09:58,  3] smbd/vfs.c:865(check_reduced_name)
  reduce_name [.] [/home/jkelley]
[2010/03/15 15:09:58,  3] smbd/vfs.c:974(check_reduced_name)
  reduce_name: . reduced to /home/jkelley
[2010/03/15 15:09:58,  4] smbd/open.c:1913(open_file_ntcreate)
  calling open_file with flags=0x0 flags2=0x0 mode=0700, access_mask = 0x81,
open_access_mask = 0x81
[2010/03/15 15:09:58,  5] smbd/files.c:474(file_free)
  freed files structure 15566 (1 used)
[2010/03/15 15:09:58,  5] smbd/open.c:2391(open_directory)
  open_directory: opening directory ., access_mask = 0x81, share_access =
0x7 create_options = 0x0, create_disposition = 0x1, file_attributes = 0x0
[2010/03/15 15:09:58,  3] smbd/error.c:60(error_packet_set)
  error packet at smbd/nttrans.c(563) cmd=162 (SMBntcreateX)
NT_STATUS_ACCESS_DENIED

Josh Kelley
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Samba Permissions Problem

2010-01-23 Thread Robert Steinmetz


On 1/22/2010 4:23 PM, Dale Schroeder wrote:

On 01/22/2010 3:25 PM, Robert Steinmetz AIA wrote:

Dale Schroeder wrote:

On 01/21/2010 3:08 PM, Robert Steinmetz AIA wrote:

I need help understanding what is happening and trouble shooting.

I have two servers running Samba 2.3.3, one as a Domain Controller 
one as a Member Server. Both are running Ubuntu 8.10. smbd, nmbd 
and winbindd using the tdb back end are running on both.


I have two shares on the member server and as far as I can tell 
they are identical. [Projects] works as expected but [Windows] 
always asks for a login name even though the smb.conf entries for 
both are are the same. If I comment out the force group in 
[Windows] users can access the share but there are errors writing 
and creating files. If I create a new share it acts as the 
[Windows] share.


Here are the share definitions and a list of the files in the 
directory;


[Projects]
   Comment = Project Files
   path = /files/Lucretia/Projects
   writeable = yes
   browseable = yes
   create mask = 0764
   directory mask = 0775
   force group = ATLANTA\domain users

[Windows]
   comment = Atlanta Windows Files
   path = /files/Lucretia/Windows
   browseable = yes
   writeable = yes
   create mask = 0764
   directory mask = 0775
   force group = ATLANTA\domain users


r...@louise:/files/Lucretia# ls -l
total 66
drwxrwsr-x   2 root  1000148 2008-07-17 03:17 Arris
-rw-r-Sr--   1 root  10001  5952 2008-07-17 04:25 list
drwxrwsr-x  74 ATLANTA\rob   10001 17040 2009-12-17 15:25 Office
drwxrwsr-x  67 rob   10001 14456 1969-12-31 19:00 Office.orig
drwxrwsr-x  51 ATLANTA\trish 10001  4528 2010-01-14 14:26 Projects
drwxrwsr-x   8 ATLANTA\rob   10001   400 2009-07-10 15:52 Sigma
drwxrwsr-x   6 rob   10001   304 2008-07-17 02:50 Sigma.old
drwxrws*r-x* 314 ATLANTA\trish 10001 24280 2010-01-13 09:49 Windows

Testparm shows no problems although it does rearrange the share 
definitions somewhat.


The problem must be in windows permissions but I don't know how to 
check them, especially since I have only ssh access because the 
site is remote. I have to rely on local users for testing.


How can I get a list of ATLANTA\domain admin group users?

How can I change the permissions?


Any possibility of acl's, especially default acl's?

getfacl /files/Lucretia/Projects
getfacl /files/Lucretia/Windows


Looks like not;

r...@louise:/etc/samba# getfacl /files/Lucretia/Projects
getfacl: Removing leading '/' from absolute path names
# file: files/Lucretia/Projects
# owner: ATLANTA\134trish
# group: 10001
user::rwx
group::rwx
other::r-x

r...@louise:/etc/samba# getfacl /files/Lucretia/Windows
getfacl: Removing leading '/' from absolute path names
# file: files/Lucretia/Windows
# owner: ATLANTA\134trish
# group: 10001
user::rwx
group::rwx
*other::rwx *
If it's not a typo, it is odd that ls and getfacl return different 
results for other in the Windows share

ls = r-x
getfacl = rwx

Even if it's not a typo, it makes no sense that the share with the 
most permissions is the one that's inaccessible.

This is a strange one.

Dale




I apparently changed the permissions between the two listings it is rwx 
for other now when I list the files in the directory.



drwxrwsrwx 290 ATLANTA\trish 10001 23576 2010-01-20 15:51 Windows

--
*Robert Steinmetz, AIA*
Principal
*Steinmetz  Associates*
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Samba Permissions Problem

2010-01-22 Thread Dale Schroeder


On 01/21/2010 3:08 PM, Robert Steinmetz AIA wrote:

I need help understanding what is happening and trouble shooting.

I have two servers running Samba 2.3.3, one as a Domain Controller one 
as a Member Server. Both are running Ubuntu 8.10. smbd, nmbd and 
winbindd using the tdb back end are running on both.


I have two shares on the member server and as far as I can tell they 
are identical. [Projects] works as expected but [Windows] always asks 
for a login name even though the smb.conf entries for both are are the 
same. If I comment out the force group in [Windows] users can access 
the share but there are errors writing and creating files. If I create 
a new share it acts as the [Windows] share.


Here are the share definitions and a list of the files in the directory;

[Projects]
   Comment = Project Files
   path = /files/Lucretia/Projects
   writeable = yes
   browseable = yes
   create mask = 0764
   directory mask = 0775
   force group = ATLANTA\domain users

[Windows]
   comment = Atlanta Windows Files
   path = /files/Lucretia/Windows
   browseable = yes
   writeable = yes
   create mask = 0764
   directory mask = 0775
   force group = ATLANTA\domain users


r...@louise:/files/Lucretia# ls -l
total 66
drwxrwsr-x   2 root  1000148 2008-07-17 03:17 Arris
-rw-r-Sr--   1 root  10001  5952 2008-07-17 04:25 list
drwxrwsr-x  74 ATLANTA\rob   10001 17040 2009-12-17 15:25 Office
drwxrwsr-x  67 rob   10001 14456 1969-12-31 19:00 Office.orig
drwxrwsr-x  51 ATLANTA\trish 10001  4528 2010-01-14 14:26 Projects
drwxrwsr-x   8 ATLANTA\rob   10001   400 2009-07-10 15:52 Sigma
drwxrwsr-x   6 rob   10001   304 2008-07-17 02:50 Sigma.old
drwxrwsr-x 314 ATLANTA\trish 10001 24280 2010-01-13 09:49 Windows

Testparm shows no problems although it does rearrange the share 
definitions somewhat.


The problem must be in windows permissions but I don't know how to 
check them, especially since I have only ssh access because the site 
is remote. I have to rely on local users for testing.


How can I get a list of ATLANTA\domain admin group users?

How can I change the permissions?


Any possibility of acl's, especially default acl's?

getfacl /files/Lucretia/Projects
getfacl /files/Lucretia/Windows
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Samba Permissions Problem

2010-01-22 Thread Robert Steinmetz AIA


Dale Schroeder wrote:

On 01/21/2010 3:08 PM, Robert Steinmetz AIA wrote:

I need help understanding what is happening and trouble shooting.

I have two servers running Samba 2.3.3, one as a Domain Controller 
one as a Member Server. Both are running Ubuntu 8.10. smbd, nmbd and 
winbindd using the tdb back end are running on both.


I have two shares on the member server and as far as I can tell they 
are identical. [Projects] works as expected but [Windows] always asks 
for a login name even though the smb.conf entries for both are are 
the same. If I comment out the force group in [Windows] users can 
access the share but there are errors writing and creating files. If 
I create a new share it acts as the [Windows] share.


Here are the share definitions and a list of the files in the directory;

[Projects]
   Comment = Project Files
   path = /files/Lucretia/Projects
   writeable = yes
   browseable = yes
   create mask = 0764
   directory mask = 0775
   force group = ATLANTA\domain users

[Windows]
   comment = Atlanta Windows Files
   path = /files/Lucretia/Windows
   browseable = yes
   writeable = yes
   create mask = 0764
   directory mask = 0775
   force group = ATLANTA\domain users


r...@louise:/files/Lucretia# ls -l
total 66
drwxrwsr-x   2 root  1000148 2008-07-17 03:17 Arris
-rw-r-Sr--   1 root  10001  5952 2008-07-17 04:25 list
drwxrwsr-x  74 ATLANTA\rob   10001 17040 2009-12-17 15:25 Office
drwxrwsr-x  67 rob   10001 14456 1969-12-31 19:00 Office.orig
drwxrwsr-x  51 ATLANTA\trish 10001  4528 2010-01-14 14:26 Projects
drwxrwsr-x   8 ATLANTA\rob   10001   400 2009-07-10 15:52 Sigma
drwxrwsr-x   6 rob   10001   304 2008-07-17 02:50 Sigma.old
drwxrwsr-x 314 ATLANTA\trish 10001 24280 2010-01-13 09:49 Windows

Testparm shows no problems although it does rearrange the share 
definitions somewhat.


The problem must be in windows permissions but I don't know how to 
check them, especially since I have only ssh access because the site 
is remote. I have to rely on local users for testing.


How can I get a list of ATLANTA\domain admin group users?

How can I change the permissions?


Any possibility of acl's, especially default acl's?

getfacl /files/Lucretia/Projects
getfacl /files/Lucretia/Windows


Looks like not;

r...@louise:/etc/samba# getfacl /files/Lucretia/Projects
getfacl: Removing leading '/' from absolute path names
# file: files/Lucretia/Projects
# owner: ATLANTA\134trish
# group: 10001
user::rwx
group::rwx
other::r-x

r...@louise:/etc/samba# getfacl /files/Lucretia/Windows
getfacl: Removing leading '/' from absolute path names
# file: files/Lucretia/Windows
# owner: ATLANTA\134trish
# group: 10001
user::rwx
group::rwx
other::rwx



--
Robert Steinmetz, AIA
Principal
Steinmetz  Associates
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Samba Permissions Problem

2010-01-21 Thread Robert Steinmetz AIA


I need help understanding what is happening and trouble shooting.

I have two servers running Samba 2.3.3, one as a Domain Controller one 
as a Member Server. Both are running Ubuntu 8.10. smbd, nmbd and 
winbindd using the tdb back end are running on both.


I have two shares on the member server and as far as I can tell they are 
identical. [Projects] works as expected but [Windows] always asks for a 
login name even though the smb.conf entries for both are are the same. 
If I comment out the force group in [Windows] users can access the 
share but there are errors writing and creating files. If I create a new 
share it acts as the [Windows] share.


Here are the share definitions and a list of the files in the directory;

[Projects]
   Comment = Project Files
   path = /files/Lucretia/Projects
   writeable = yes
   browseable = yes
   create mask = 0764
   directory mask = 0775
   force group = ATLANTA\domain users

[Windows]
   comment = Atlanta Windows Files
   path = /files/Lucretia/Windows
   browseable = yes
   writeable = yes
   create mask = 0764
   directory mask = 0775
   force group = ATLANTA\domain users


r...@louise:/files/Lucretia# ls -l
total 66
drwxrwsr-x   2 root  1000148 2008-07-17 03:17 Arris
-rw-r-Sr--   1 root  10001  5952 2008-07-17 04:25 list
drwxrwsr-x  74 ATLANTA\rob   10001 17040 2009-12-17 15:25 Office
drwxrwsr-x  67 rob   10001 14456 1969-12-31 19:00 Office.orig
drwxrwsr-x  51 ATLANTA\trish 10001  4528 2010-01-14 14:26 Projects
drwxrwsr-x   8 ATLANTA\rob   10001   400 2009-07-10 15:52 Sigma
drwxrwsr-x   6 rob   10001   304 2008-07-17 02:50 Sigma.old
drwxrwsr-x 314 ATLANTA\trish 10001 24280 2010-01-13 09:49 Windows

Testparm shows no problems although it does rearrange the share 
definitions somewhat.


The problem must be in windows permissions but I don't know how to check 
them, especially since I have only ssh access because the site is 
remote. I have to rely on local users for testing.


How can I get a list of ATLANTA\domain admin group users?

How can I change the permissions?
--
Robert Steinmetz, AIA
Principal
Steinmetz  Associates
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Permissions problem - I am in the proper group but still can't create files

2009-01-28 Thread Ryan Stille

I have a share created on my linux server.  I can connect to it with the 
administrator user just fine.  I need to be able to create files and 
directories with the administrator user, even in directories that are 
not owned by administrator.  administrator is in the users group.   
Everything under the share is in the users group, and the group has 
write permission.  So why can't administrator create files?


If I chown the parent to administrator, then it works fine.  But 
administrator is in the group, and the group has write permission.  So 
why does it also have to be owned by administrator?  I don't have this 
issue on all my other linux servers, just this new one (CentOS 5.2).


Here is the folder I'm trying to create a file in:
drwxrwxr-x 2 root  users  4096 Jan 28 11:10 foo

Here is the line from /etc/group:
users:x:100:rps,administrator,root

And here is my samba share:
[websites]
  comment = /home/WWW-data
  path = /home/WWW-data
  read only = no
  valid users = rps administrator
  create mask = 0664
  directory mask = 0775
  force user = administrator
  force group = nobody

Thanks for any help.
-Ryan


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Permissions problem - I am in the proper group but still can't create files

2009-01-28 Thread Kyle Rabe

On Wed, Jan 28, 2009 at 1:18 PM, Ryan Stille r...@cfwebtools.com wrote:

 [websites]
  comment = /home/WWW-data
  path = /home/WWW-data
  read only = no
  valid users = rps administrator
  create mask = 0664
  directory mask = 0775
  force user = administrator
  force group = nobody


It looks like you're forcing Samba to use the administrator user and
nobody group when a valid login is presented and this share is accessed.
Since the nobody group does not have write permissions on your share, your
authenticated user does not have write permissions.  Try changing force
group from nobody to users or simply removing the line (which might or
might not work - I'm not sure).

-Kyle
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Permissions problem - I am in the proper group but still can't create files

2009-01-28 Thread Ryan Stille


Kyle Rabe wrote:

On Wed, Jan 28, 2009 at 1:18 PM, Ryan Stille r...@cfwebtools.com wrote:

  

[websites]
 comment = /home/WWW-data
 path = /home/WWW-data
 read only = no
 valid users = rps administrator
 create mask = 0664
 directory mask = 0775
 force user = administrator
 force group = nobody




It looks like you're forcing Samba to use the administrator user and
nobody group when a valid login is presented and this share is accessed.
Since the nobody group does not have write permissions on your share, your
authenticated user does not have write permissions.  Try changing force
group from nobody to users or simply removing the line (which might or
might not work - I'm not sure).

-Kyle
  



Thank you, that did fix the problem.  However I was forcing the group 
nobody because I need files that are created through the samba share 
to be editable by the web server.


Would you suggest just adding nobody to the users group?

I'm not sure why this worked on my other web servers...

-Ryan

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Permissions problem - I am in the proper group but still can't create files

2009-01-28 Thread Kyle Rabe

On Wed, Jan 28, 2009 at 2:03 PM, Ryan Stille r...@cfwebtools.com wrote:

 ...I was forcing the group nobody because I need files that are created
 through the samba share to be editable by the web server.


For this purpose, I would use the www-data group or something similar.
The nobody group, in my mind, should not be able to do much of anything,
but perhaps that's a matter of preference.


 Would you suggest just adding nobody to the users group?


This wouldn't help you.  You are forcing samba to use the group nobody,
but the files are not owned by the group nobody.  When forcing the user
and group, you need to 1) make the forced user match the owner of the files
or 2) make the forced group match the group that owns the files.  Otherwise,
your authenticated user only has access to the world permissions because
he/she is not the owner or group that corresponds with the files in
question.

I would suggest thinking about the following:

1. Who should own the files?

This is currently root.  You don't want Samba to use the root account (for
security reasons), so you cannot use the owner permissions on the files and
directories to determine what an authenticated Samba user can or can't do.
If you find that another owner would make sense, then you can chown the
files and make the force user directive match.

2. What group should own the files?

It sounds like you need a group that both the authenticated Samba user and
the web server user are a part of.  I personally would not use nobody, and
even the users group has fairly widespread permissions for my taste.  I
prefer a web server operating under the www-data group, so I would chgrp
the files and directories within the share to this account and use the
force group = www-data directive to allow the authenticated Samba user to
perform operations on this share using the filesystem group permissions.

-Kyle
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] permissions(?) problem? with samba and linux client (=2.6.24)

2008-10-17 Thread Pol Hallen

Hi folks :-)

using smbmount //ip/share /home/user0/share -o username=xxx,password=xxx I 
can mount the share samba dir on my client but:

if I do: touch temp0 I see:
touch: setting times of `temp0': No such file or directory
or I can create new directory but I can't write on it.

Using konqueror (smb://ip/share) I can create, remove and modify anything.

I use cifs fs with samba 3.0.24 (debian stable)

[...]
[share]
path=/share/temp/share
guest ok = no
writable = yes
printable = no
valid users = user0
force users = user0
case sensitive = yes
dos charset = ISO8859-1
unix charset = ISO8859-1
display charset = ISO8859-1
[...]

This problem happen only with new kernels (=2.6.24)

Can somebody help me please?
Thanks!
 
Pol
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Permissions problem

2007-04-22 Thread Scott Braiding

Hi,
 
I am running Samba 3.0.10-1.4E.11 under Centos 4.4 in a Win2K3 AD
network.  I have a share called data with permissions of 777 an owner of
DomainName+Administrator and a group of DomainName+Domain Users. Under
this share I have a number of directories that I have applied various
permissions and groups depending on who is to access them. My problem,
at present, is this. I have a user called Test who is in a group called
Data-Test (amongst other groups). I also have a directory called testdir
with an owner of DomainName+Administrator and a group of
Domain+DataTest, permissions are set to 2770. When I login as the user
Test, I can access the share - i.e data, but I cannot access the testdir
under that share.
 
In smb.conf I have set security to ADS with all the appropriate realm
information - I can access the share with no problems, wbinfo works fine
with a -t, -g and -u. 
The share has the following set in smb.conf
 
[data]
path = /data
writeable = yes
guest ok = yes
create mask = 0770
directory mask = 0770
inherit permissions = yes
 
Can anyone give me a hint as to what I have stuffed up? 
 
thanks
 
Scott
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Permissions problem

2007-04-22 Thread Scott Braiding

Hmmm, it seems that after a while it does work? Does anyone know how
long it takes permissions to propagate?

Scott 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Scott Braiding
Sent: Monday, 23 April 2007 8:13 AM
To: samba@lists.samba.org
Subject: [Samba] Permissions problem

Hi,
 
I am running Samba 3.0.10-1.4E.11 under Centos 4.4 in a Win2K3 AD
network.  I have a share called data with permissions of 777 an owner of
DomainName+Administrator and a group of DomainName+Domain Users. Under
this share I have a number of directories that I have applied various
permissions and groups depending on who is to access them. My problem,
at present, is this. I have a user called Test who is in a group called
Data-Test (amongst other groups). I also have a directory called testdir
with an owner of DomainName+Administrator and a group of
Domain+DataTest, permissions are set to 2770. When I login as the user
Test, I can access the share - i.e data, but I cannot access the testdir
under that share.
 
In smb.conf I have set security to ADS with all the appropriate realm
information - I can access the share with no problems, wbinfo works fine
with a -t, -g and -u. 
The share has the following set in smb.conf
 
[data]
path = /data
writeable = yes
guest ok = yes
create mask = 0770
directory mask = 0770
inherit permissions = yes
 
Can anyone give me a hint as to what I have stuffed up? 
 
thanks
 
Scott
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] permissions problem with adding a machine

2006-09-25 Thread Felipe Augusto van de Wiel

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 09/19/2006 10:52 PM, David Bear escreveu:
 I have configured a domain controller in samba 3.0.xxx. I followed the
 how-to at samba.org and I think I may have missed a step because now
 when I attempt to add a machine to the domain, I get an error.
 
 I am using tdbsam as the user/group store. I ran the net group map to
 make windows groups to unix groups. I have verified that my
 administrator users are in group wheel.
 
 I do not use the map users file. I found that when I put my
 administrative user names there they were not permitted to log into
 the domain.
 
 Is there a checklist that I can follow to make sure I didn't forget a
 step?

There are no checklists that I'm aware of.

Did you try to add a machine with 'root'?

Did you set any users in the Domain Admins group? (And
of course, did 'net groupmap' a unixgroup to the Domain Admins
group?).


If you still have problems, please, send you smb.conf
attached with the important part of your log (also increase the
loglevel/debuglevel).

Kind regards,

- --
Felipe Augusto van de Wiel [EMAIL PROTECTED]
Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE
http://www.paranacidade.org.br/   Phone: (+55 41 3350 3300)
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Debian - http://enigmail.mozdev.org

iD8DBQFFGA4oCj65ZxU4gPQRAq7SAKDOibdKc7lpAoADL6g0daUvHOkL0gCfZeKu
fJgy9lo0Q17jkbzaAQvX/So=
=dDb5
-END PGP SIGNATURE-
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] permissions problem with adding a machine

2006-09-19 Thread David Bear

I have configured a domain controller in samba 3.0.xxx. I followed the
how-to at samba.org and I think I may have missed a step because now
when I attempt to add a machine to the domain, I get an error.

I am using tdbsam as the user/group store. I ran the net group map to
make windows groups to unix groups. I have verified that my
administrator users are in group wheel.

I do not use the map users file. I found that when I put my
administrative user names there they were not permitted to log into
the domain.

Is there a checklist that I can follow to make sure I didn't forget a
step?

-- 
David Bear
phone:  602-496-0424
fax:602-496-0955
College of Public Programs/ASU
University Center Rm 622
411 N Central
Phoenix, AZ 85007-0685
 Beware the IP portfolio, everyone will be suspect of trespassing
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Wierd Samba permissions problem (URGENT)

2005-10-20 Thread bdbruin

Which version of samba are you using? Until 3.0.14 there was a bug in the
ACL handling of Samba afaik. The symptoms you describe sound very similar.



 Hello List,

 Please CC me on responses as I am not currently subscribed to the list.

 Please see the following attached files for details.

 Basically, Samba comes back and says the our users have no rights to
 create / modify / delete files on a share, even though the file system
 permissions seem correct and the smb.conf file looks good and the user
 either owns the file / directory or is listed in the group.


 --
 Lee Leahu   RICIS, Inc.
 Internet Technology Specialist  866-RICIS-77 Toll Free Voice (US)
 [EMAIL PROTECTED]   708-444-2690 Voice (International)
 http://www.ricis.com/   866-99-RICIS Toll Free Fax (US)
 708-444-2697 Fax (International)

 RICIS, Inc. is a member of the Public Safety Alliance Group

 This email and any attachments that are included in it have been scanned
 for malicious or inappropriate content and are believed to be safe.




-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] permissions problem

2005-09-22 Thread Marcos Osorio

Hi, i have a samba server with a share, in that share there is a folder called, 
for example 'users' and then sub folders with permissions 750 for each.
With this i can handle de access to the folder by group.
Let me put more clear:
x:\
 - - - - users \
  - -john
  ---paul
  ---production
 
The problem is this: even that user paul or anyone of his group can't access to 
john folder, he can delete de folder john.
Is there a way to prevent this?, i mean, to prohibit anyone exept john and his 
members group to delete that folder¿?
 
Thanks.-
  MMo-.-
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Permissions Problem

2005-09-21 Thread JLR

I can see and read the samba share on a Fedora Core 4 box, but I can't add,
modify, delete anything neither directories nor files.

How do I enable file writing, modification and deletion?

---
smb.conf

# Global parameters
[global]
 server string = Samba Server
 username map = /etc/samba/smbusers
 log file = /var/log/samba/%m.log
 max log size = 50
 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
 printcap name = /etc/printcap
 dns proxy = No
 idmap uid = 16777216-33554431
 idmap gid = 16777216-33554431
 cups options = raw
 workgroup = workgroup

[homes]
 comment = Home Directories
 writeable = yes
 browseable = No

[printers]
 comment = All Printers
 path = /var/spool/samba
 printable = Yes
 browseable = No

[share]
 comment = FC4 Samba Share
 path = /share
 writeable = yes
 guest ok = Yes
---
ls -lai

total 112
2979006 drwxrwxrwx   2 root root  4096 Sep 20 13:34 .
  2 drwxr-xr-x  26 root root  4096 Sep 20 13:23 ..
2979099 -rwxrwxrwx   1 root root20 Sep 20 13:25 lmhosts
2979108 -rwxrwxrwx   1 root root 0 Sep 20 13:34 ls.txt
2979007 -rwxrwxrwx   1 root root40 Aug 24 14:50 OpenShare.txt
2979100 -rwxrwxrwx   1 root root  8192 Sep 20 13:25 secrets.tdb
2979101 -rwxrwxrwx   1 root root   695 Sep 20 13:25 smb.conf
2979102 -rwxrwxrwx   1 root root   744 Sep 20 13:25 smb.conf.1
2979103 -rwxrwxrwx   1 root root 10997 Sep 20 13:25 smb.conf.master
2979104 -rwxrwxrwx   1 root root   100 Sep 20 13:25 smbpasswd
2979105 -rwxrwxrwx   1 root root   100 Sep 20 13:25 smbpasswd.dnt
2979106 -rwxrwxrwx   1 root root   110 Sep 20 13:25 smbusers
2979107 -rwxrwxrwx   1 root root   110 Sep 20 13:25 smbusers.dnt

--
- JLR --
garbage jraff a t comcast d o t net garbage
Remove garbage and reformat to send mail



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Permissions problem - smb 3 and FBSD 5.4-stable

2005-09-09 Thread felipe

Hi Folks,

I'm using samba 3.0.14a_1,1 on FreeBSD 5.4-STABLE. I'm having a problem that all
my samba users must be set in 'admins users' directive in smb.conf. Users that
aren't on 'admin users' in smb.conf don't have permissions to read/write some
shares and their own home directory.

Any suggestion?

Thanks,

Felipe.




-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Permissions Problem (?)

2005-08-29 Thread Simon Ansley

Hello,

I'm an inexperienced Linux / Samba user attempting to get some simple
networking going with various versions of Windows.

Running Samba 3.0.14a-2 on a 'freebie magazine' fedora install.

I appear to have a what I think is a permissions problem, but could(?) be
username or password related.
I can see my shares on all of my Windows clients (2k,xp and 98). I can read
from them, but not write to them.

Win 2K and 98 reports 'Cannot access this file. Check security priveleges
over the network drive'. when trying to create a new or modify an existing
file.

If I smbmount the share (on the linux box on which it exists), I also cannot
write to it when logged in as user Simon, though I can write to it direct
(ie not through the mount point) logged in as Simon.

I have the following in smb.conf:

[global]
workgroup = AED
wins support = yes
log level = 3
max log size = 1000
read only = no
hosts allow = 192.168.2.
printcap name = /etc/printcap
printing = lprng
log file = /root/smb.log
server string = Testing
smb passwd file = etc/samba/smbpasswd
password level = 8
username level = 8

and

[D-Main-Data]
comment = Main Data Drive
path = /usr/AED/D-Main-Data/
valid users = Simon
create mask = 0775
write list = Simon

At /usr/AED/D-Main-Data, the permisions show as drwxrwxrwx, though at the
the point where the share is smbmounted are drwx-r-xr-x. I suspect this is
the clue to the whole thing, but I don't know the solution! I've tried
setting the owner of /usr/AED/D-Main-Data to both root and to Simon to no
avail.

Windows shows no permissions ticked in Security Properties for the shared
directory or directories under it. A file created on the Linux box as user
Simon shows as having Read and Write ticked, but I still can't modify and
save it.

I have the same user / password combinations set up on the Win and Linux
boxes, and also in smbpasswd.

I have a horrible feeling this is a basic linux permissions issue, but I'm
at the end of my own limited abilities with it.

Thanks in advance,

Simon Ansley

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Permissions problem/misunderstanding ... Domain Admins vs. Administrators

2005-07-20 Thread Steve Williams

Hi,

Using Samba 3.0.14a and AIX 4.3, I have been able to join PC's to the
domain without any problem. It just works. I am using local profiles,
and serving login batch files from the server, and that just works. So
far, I'm a happy camper.

Now, I am trying to understand permissions so that I can
actually use the moveuser.exe command from the Windows Server 2003
Resource Kit Tools
(http://www.microsoft.com/downloads/details.aspx?FamilyID=9d467a69-57ff-4ae7-96ee-b18c4790cffddisplaylang=en).
This is on Windows XP Pro SP2 with all recent patches.

I am trying to Copy the existing local user profile to the Doman so they
retain their desktop favorites, etc. The moveuser command says that
it needs to run with the permissions of someone able to write the profile.
So, I figure a user in the Domain Admins group should be able to do
this. Have complete access to the local PC and complete access to the
Samba server. I keep getting a Permission Denied error.

Here's the lead up:

Following the directions in the Samba3-HOWTO.pdf (page 226), I created a
group domadm in /etc/groups consisting of:

domadm:!:1000:keith,root,steve

Then, I did a:
net groupmap add ntgroup=Domain Admins unixgroup=domadm

on the AIX Server:
AIX# net rpc group
Password:
Domain Admin
System Operators
Replicators
Guests
Power Users
Print Operators
Administrators
Account Operators
Backup Operators
Users

and:
AIX# net rpc group members Domain Admins
Password:
AIXDOM\keith
AIXDOM\root
AIXDOM\steve

So, that all looks fine. From the Windows XP SP2 server:
C:\net localgroup

Aliases for \\OKE_OFFICE

---
*Administrators
*Backup Operators
*BCMUsers
*Debugger Users
*Guests
*HelpServicesGroup
*Network Configuration Operators
*Power Users
*Remote Desktop Users
*Replicator
*Users
The command completed successfully.

and

C:\net localgroup Administrators
Alias name Administrators
CommentAdministrators have complete and unrestricted access to the
compu
ter/domain

Members

---
Administrator
Dianne
AIXDOM\Domain Admins
The command completed successfully.

and again from the XP SP2 box:
C:\net group Domain Admins /domain
The request will be processed at a domain controller for domain AIXDOM.

Group name Domain Admins
CommentDomain Unix group

Members

---
keithroot steve
The command completed successfully.

Ok, so as far as I can tell, the connectivity is all the way through.

I do have a username map for Administrator to root (I know 3.0.14a does
not need root, but I am trying to narrow the options for me screwing
up).

But if I log onto the XP SP2 workstation as root and the appropriate
password, everything seems sane. In my mind, I should now have the same
power as the local Administrator user on that PC.

However, I if I browse the My Computer, I CANNOT go into any other user's
Document and Settings folder other than root's. I think there is
something very very wrong here, but I cannot figure out for the life of me
what it is! If I log in as Administrator to the local workstation, I can
access everywhere on the drive... This is driving me crazy! I missing
some subtle piece of the puzzle... or maybe not so subtle! lol..

Hum... one other piece of (perhaps) relevant information is that I am
running smbpasswd backend for now. I cannot upgrade because the samba
password file has about 250 users that are not in the /etc/groups. When I
import the smbpasswd into the tdbsam, I get lots of errors ppl cannot
log on :-( That will be my next thing, awk script to clean the smbpasswd
file (relative to the /etc/passwd file).

Does anyone have ANY advice?

Thanks,
Steve Williams

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba

[Samba] Permissions Problem

2005-02-01 Thread Don Brearley


Hello,

I have a share called [math] and in it, I have files in it.

When I write files to the root of that share, it successfully saves
them with a permission of 775. 

In my smb.conf, I have the following:

force create mode = 0775
force directory mode = 0775

Now..  when a user saves into a subdirectory of that share, it sets
permissions as 0755, which doesnt really work so well for me.

My question is, how can I make sure that all files under the share
are set mode 775 when created/saved/modified/etc ?

I am using Samba 3.0.10 on FreeBSD 5.3-RELEASE

Any assistance would be greatly appreciated!

- Don Brearley
  HCC Computer Services

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Permissions Problem

2004-11-29 Thread Misty Stanley-Jones

Hi all,

I've got a share called [ACCOUNTING] with the following share definition:
[ACCOUNTING]
path = /data/samba/shares/Accounting
valid users = @acct @Domain Admins
browseable = yes
public = no
read only = no
force group = acct

Here is the permissions on the directory:
oink:/data/samba/shares # ls -ld /data/samba/shares/Accounting
drwxrwxr-x  9 root acct 4096 Nov 29 09:30 /data/samba/shares/Accounting

Here is the permissions on a file in the directory:
-rwxrwxrwx  1 root acct 904192 Nov 29 
09:48 /data/samba/shares/Accounting/Invoice Recap.xls

The permissions on this file look fine from within Windows Explorer \ 
properties \ Security.  They look fine on the UNIX side.  But in Excel, this 
file is always opened as read-only.  I have verified that the user in 
question is in the acct group.  Also the 'fuser' command does not report 
anyone using the file.  I would appreciate any help in figure out what has 
gone wrong here.

Thanks,
Misty
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Permissions Problem

2004-11-29 Thread Misty Stanley-Jones



On Monday 29 November 2004 10:03, Misty Stanley-Jones wrote:
 Hi all,

 I've got a share called [ACCOUNTING] with the following share definition:
 [ACCOUNTING]
 path = /data/samba/shares/Accounting
 valid users = @acct @Domain Admins
 browseable = yes
 public = no
 read only = no
 force group = acct

 Here is the permissions on the directory:
 oink:/data/samba/shares # ls -ld /data/samba/shares/Accounting
 drwxrwxr-x  9 root acct 4096 Nov 29 09:30 /data/samba/shares/Accounting

 Here is the permissions on a file in the directory:
 -rwxrwxrwx  1 root acct 904192 Nov 29
 09:48 /data/samba/shares/Accounting/Invoice Recap.xls

 The permissions on this file look fine from within Windows Explorer \
 properties \ Security.  They look fine on the UNIX side.  But in Excel,
 this file is always opened as read-only.  I have verified that the user in
 question is in the acct group.  Also the 'fuser' command does not report
 anyone using the file.  I would appreciate any help in figure out what has
 gone wrong here.


New info to add:

If I access the share as \\corpsrv\accounting, I can write to the files.  If I 
access it via its drive letter I cannot.  I've just mapped it via the 
command:
net use m: \\corpsrv\accounting

Also it is not just Excel.  I've tried to open a text file with Notepad and I 
get the same results.

Any ideas?

Thanks,
Misty

 Thanks,
 Misty
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Permissions Problem

2004-11-29 Thread robert

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Monday 29 November 2004 09:19, Misty Stanley-Jones wrote:
 On Monday 29 November 2004 10:03, Misty Stanley-Jones wrote:
  Hi all,
 
  I've got a share called [ACCOUNTING] with the following share definition:
  [ACCOUNTING]
  path = /data/samba/shares/Accounting
  valid users = @acct @Domain Admins
  browseable = yes
  public = no
  read only = no
  force group = acct
 
  Here is the permissions on the directory:
  oink:/data/samba/shares # ls -ld /data/samba/shares/Accounting
  drwxrwxr-x  9 root acct 4096 Nov 29 09:30 /data/samba/shares/Accounting
 
  Here is the permissions on a file in the directory:
  -rwxrwxrwx  1 root acct 904192 Nov 29
  09:48 /data/samba/shares/Accounting/Invoice Recap.xls
 
  The permissions on this file look fine from within Windows Explorer \
  properties \ Security.  They look fine on the UNIX side.  But in Excel,
  this file is always opened as read-only.  I have verified that the user
  in question is in the acct group.  Also the 'fuser' command does not
  report anyone using the file.  I would appreciate any help in figure out
  what has gone wrong here.

 New info to add:

 If I access the share as \\corpsrv\accounting, I can write to the files. 
 If I access it via its drive letter I cannot.  I've just mapped it via the
 command:
 net use m: \\corpsrv\accounting

 Also it is not just Excel.  I've tried to open a text file with Notepad and
 I get the same results.

 Any ideas?

 Thanks,
 Misty

  Thanks,
  Misty

Well, two ideas. First try shortening the share name. I've seen problems on 
some clients (you didn't say which client you are using) with the longer 
share names and ones that use a hyphen (not the case here). Second, I did 
find a KB article 838895 
(http://support.microsoft.com/default.aspx?scid=kb;en-us;838895) which may 
describe your problem. Even if that's not the version of excel you are using, 
it might still be accurate (M$ doesn't always issue articles for bugs they 
know about).

- -- 
Fail to learn history-repeat it.
Fail to learn rights-lose them.
Learn both-get screwed by previous two groups.
Public key is at http://home.swbell.net/berzerke/robert.key
Fingerprint: 0D70 9ADF B5A7 45E7 A853 4B1C 8E0F 4324 C39D 44A2
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFBq0XAjg9DJMOdRKIRAoSDAKCOHhqCjB3/U8Qdqq19lTu7/k/KwwCfZYG6
+oTQ2TXiNmS9Zdhp0LGjDf8=
=uz0u
-END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Permissions Problem

2004-11-29 Thread Misty Stanley-Jones

On Monday 29 November 2004 10:52, robert wrote:


 Well, two ideas. First try shortening the share name. I've seen problems on
 some clients (you didn't say which client you are using) with the longer
 share names and ones that use a hyphen (not the case here). Second, I did
 find a KB article 838895
 (http://support.microsoft.com/default.aspx?scid=kb;en-us;838895) which may
 describe your problem. Even if that's not the version of excel you are
 using, it might still be accurate (M$ doesn't always issue articles for
 bugs they know about).

I might buy it, but:
1.  The problem is also exhibited with Notepad.
2.  The share name is only 10 letters long.  I have not heard of problems with 
shares that long, especially with WinXP and Win2K clients.

Still looking,
Misty


 --
 Fail to learn history-repeat it.
 Fail to learn rights-lose them.
 Learn both-get screwed by previous two groups.
 Public key is at http://home.swbell.net/berzerke/robert.key
 Fingerprint: 0D70 9ADF B5A7 45E7 A853 4B1C 8E0F 4324 C39D 44A2
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Permissions problem with 3.0.8

2004-11-09 Thread Beschorner Daniel

Since 3.0.8 we have a file permission problem (group related???).
I didn't take a closer look at it, our production environment went back to
3.0.7.

symptoms: certain files can't be recreated/deleted, but group rights should
allow it.

3.0.7 works fine.

Daniel
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Permissions problem with 3.0.8

2004-11-09 Thread Gerald (Jerry) Carter

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Beschorner Daniel wrote:
| Since 3.0.8 we have a file permission problem (group related???).
| I didn't take a closer look at it, our production environment went back to
| 3.0.7.
|
| symptoms: certain files can't be recreated/deleted, but group rights
should
| allow it.
|
| 3.0.7 works fine.
We'll need a lot more information.


cheers, jerry
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFBkNEaIR7qMdg1EfYRAm3ZAJ9OusYDoQOvA8a/hglSsrn+ctw6DQCg6ugq
Ty8XyPgZBQb24C+qVMpFmpk=
=p3FL
-END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

AW: [Samba] Permissions problem with 3.0.8

2004-11-09 Thread Beschorner Daniel

We use LDAP backend and Linux 2.6.
It happens only --with-acl-support.
This 2 errors I found in the level 10 log when I try to copy a fresh copied
file a second time on itself (permissions of test file are -r-xrw, user
and group match)
Maybe the attribute mapping goes another path with acl support?
3.0.7 works fine.

Daniel




[2004/11/09 17:02:02, 10] smbd/open.c:open_file_shared1(1038)
  open_file_shared: fname = bootfont.bin, dos_attrs = 27, share_mode = 41,
ofun = 12, mode = 560, oplock request = 3
[2004/11/09 17:02:02, 8] smbd/dosmode.c:dos_mode(283)
  dos_mode: bootfont.bin
[2004/11/09 17:02:02, 8] smbd/dosmode.c:dos_mode_from_sbuf(151)
  dos_mode_from_sbuf returning ra
[2004/11/09 17:02:02, 8] smbd/dosmode.c:dos_mode(315)
  dos_mode returning ra
[2004/11/09 17:02:02, 10] smbd/open.c:open_match_attributes(922)
  open_match_attributes: file bootfont.bin old_dos_mode = 0x21,
existing_mode = 0100560, new_dos_mode = 0x27 returned_mode =
[2004/11/09 17:02:02, 5] smbd/open.c:open_file_shared1(1141)
  open_file_shared: read/write access requested for file bootfont.bin on
read only file
[2004/11/09 17:02:02, 5] smbd/files.c:file_free(385)
  freed files structure 5799 (2 used)
[2004/11/09 17:02:02, 10] smbd/trans2.c:set_bad_path_error(2234)
  set_bad_path_error: err = 13 bad_path = 0
[2004/11/09 17:02:02, 3] smbd/error.c:error_packet(105)
  error string = Permission denied
[2004/11/09 17:02:02, 3] smbd/error.c:error_packet(129)
  error packet at smbd/trans2.c(2243) cmd=162 (SMBntcreateX)
NT_STATUS_ACCESS_DENIED

...

[2004/11/09 17:02:02, 8] smbd/dosmode.c:dos_mode(283)
  dos_mode: bootfont.bin
[2004/11/09 17:02:02, 8] smbd/dosmode.c:dos_mode_from_sbuf(151)
  dos_mode_from_sbuf returning ra
[2004/11/09 17:02:02, 8] smbd/dosmode.c:dos_mode(315)
  dos_mode returning ra
[2004/11/09 17:02:02, 6] smbd/trans2.c:call_trans2setfilepathinfo(3621)
  actime: Wed Apr  2 13:00:00 2003
   modtime: Thu Jan  1 01:00:00 1970
   size: 4952 dosmode: a0
[2004/11/09 17:02:02, 8] smbd/dosmode.c:dos_mode(283)
  dos_mode: bootfont.bin
[2004/11/09 17:02:02, 8] smbd/dosmode.c:dos_mode_from_sbuf(151)
  dos_mode_from_sbuf returning ra
[2004/11/09 17:02:02, 8] smbd/dosmode.c:dos_mode(315)
  dos_mode returning ra
[2004/11/09 17:02:02, 10] smbd/trans2.c:call_trans2setfilepathinfo(3678)
  call_trans2setfilepathinfo: file bootfont.bin : setting dos mode a0
[2004/11/09 17:02:02, 10] smbd/dosmode.c:file_set_dosmode(340)
  file_set_dosmode: setting dos mode 0xa0 on file bootfont.bin
[2004/11/09 17:02:02, 2] smbd/trans2.c:call_trans2setfilepathinfo(3681)
  file_set_dosmode of bootfont.bin failed (No data available)
[2004/11/09 17:02:02, 3] smbd/error.c:error_packet(105)
  error string = No data available
[2004/11/09 17:02:02, 3] smbd/error.c:error_packet(129)
  error packet at smbd/trans2.c(3682) cmd=50 (SMBtrans2)
NT_STATUS_ACCESS_DENIED


-Ursprüngliche Nachricht-
Von: Gerald (Jerry) Carter [mailto:[EMAIL PROTECTED]
Gesendet: Dienstag, 9. November 2004 15:16
An: Beschorner Daniel
Cc: '[EMAIL PROTECTED]'
Betreff: Re: [Samba] Permissions problem with 3.0.8

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Beschorner Daniel wrote:
| Since 3.0.8 we have a file permission problem (group related???).
| I didn't take a closer look at it, our production environment went 
| back to 3.0.7.
|
| symptoms: certain files can't be recreated/deleted, but group rights
should
| allow it.
|
| 3.0.7 works fine.

We'll need a lot more information.





cheers, jerry
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFBkNEaIR7qMdg1EfYRAm3ZAJ9OusYDoQOvA8a/hglSsrn+ctw6DQCg6ugq
Ty8XyPgZBQb24C+qVMpFmpk=
=p3FL
-END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Permissions problem with 3.0.8

2004-11-09 Thread Andreas

On Tue, Nov 09, 2004 at 05:14:44PM +0100, Beschorner Daniel wrote:
 [2004/11/09 17:02:02, 10] smbd/open.c:open_file_shared1(1038)
   open_file_shared: fname = bootfont.bin, dos_attrs = 27, share_mode = 41,
 ofun = 12, mode = 560, oplock request = 3
 [2004/11/09 17:02:02, 8] smbd/dosmode.c:dos_mode(283)
   dos_mode: bootfont.bin
 [2004/11/09 17:02:02, 8] smbd/dosmode.c:dos_mode_from_sbuf(151)
   dos_mode_from_sbuf returning ra
 [2004/11/09 17:02:02, 8] smbd/dosmode.c:dos_mode(315)
   dos_mode returning ra
 [2004/11/09 17:02:02, 10] smbd/open.c:open_match_attributes(922)
   open_match_attributes: file bootfont.bin old_dos_mode = 0x21,
 existing_mode = 0100560, new_dos_mode = 0x27 returned_mode =
 [2004/11/09 17:02:02, 5] smbd/open.c:open_file_shared1(1141)
   open_file_shared: read/write access requested for file bootfont.bin on
 read only file
 [2004/11/09 17:02:02, 5] smbd/files.c:file_free(385)
   freed files structure 5799 (2 used)
 [2004/11/09 17:02:02, 10] smbd/trans2.c:set_bad_path_error(2234)
   set_bad_path_error: err = 13 bad_path = 0
 [2004/11/09 17:02:02, 3] smbd/error.c:error_packet(105)
   error string = Permission denied
 [2004/11/09 17:02:02, 3] smbd/error.c:error_packet(129)
   error packet at smbd/trans2.c(2243) cmd=162 (SMBntcreateX)
 NT_STATUS_ACCESS_DENIED
 
 ...
 
 [2004/11/09 17:02:02, 8] smbd/dosmode.c:dos_mode(283)
   dos_mode: bootfont.bin
 [2004/11/09 17:02:02, 8] smbd/dosmode.c:dos_mode_from_sbuf(151)
   dos_mode_from_sbuf returning ra
 [2004/11/09 17:02:02, 8] smbd/dosmode.c:dos_mode(315)
   dos_mode returning ra
 [2004/11/09 17:02:02, 6] smbd/trans2.c:call_trans2setfilepathinfo(3621)
   actime: Wed Apr  2 13:00:00 2003
modtime: Thu Jan  1 01:00:00 1970
size: 4952 dosmode: a0
 [2004/11/09 17:02:02, 8] smbd/dosmode.c:dos_mode(283)
   dos_mode: bootfont.bin
 [2004/11/09 17:02:02, 8] smbd/dosmode.c:dos_mode_from_sbuf(151)
   dos_mode_from_sbuf returning ra
 [2004/11/09 17:02:02, 8] smbd/dosmode.c:dos_mode(315)
   dos_mode returning ra
 [2004/11/09 17:02:02, 10] smbd/trans2.c:call_trans2setfilepathinfo(3678)
   call_trans2setfilepathinfo: file bootfont.bin : setting dos mode a0
 [2004/11/09 17:02:02, 10] smbd/dosmode.c:file_set_dosmode(340)
   file_set_dosmode: setting dos mode 0xa0 on file bootfont.bin
 [2004/11/09 17:02:02, 2] smbd/trans2.c:call_trans2setfilepathinfo(3681)
   file_set_dosmode of bootfont.bin failed (No data available)
 [2004/11/09 17:02:02, 3] smbd/error.c:error_packet(105)
   error string = No data available
 [2004/11/09 17:02:02, 3] smbd/error.c:error_packet(129)
   error packet at smbd/trans2.c(3682) cmd=50 (SMBtrans2)
 NT_STATUS_ACCESS_DENIED

I'm getting what seems to be (at first glance) the same error in my roaming
profiles problem. It happens with a winxp sp2 pro pt_BR workstation while
trying to copy the profiles to the profile share.

(user maria)

(...)
[2004/11/09 14:21:42, 3] smbd/trans2.c:call_trans2setfilepathinfo(3096)
  call_trans2setfilepathinfo(8) maria/SendTo (fnum 8786) info_level=1004 
totdata=40
[2004/11/09 14:21:42, 8] smbd/dosmode.c:dos_mode(283)
  dos_mode: maria/SendTo
[2004/11/09 14:21:42, 8] smbd/dosmode.c:dos_mode_from_sbuf(151)
  dos_mode_from_sbuf returning d
[2004/11/09 14:21:42, 8] smbd/dosmode.c:dos_mode(315)
  dos_mode returning d
[2004/11/09 14:21:42, 6] smbd/trans2.c:call_trans2setfilepathinfo(3621)
  actime: Tue Nov  9 14:21:42 2004
   modtime: Wed Dec 31 21:00:00 1969
   size: 0 dosmode: 13
[2004/11/09 14:21:42, 8] smbd/dosmode.c:dos_mode(283)
  dos_mode: maria/SendTo
[2004/11/09 14:21:42, 8] smbd/dosmode.c:dos_mode_from_sbuf(151)
  dos_mode_from_sbuf returning d
[2004/11/09 14:21:42, 8] smbd/dosmode.c:dos_mode(315)
  dos_mode returning d
[2004/11/09 14:21:42, 10] smbd/trans2.c:call_trans2setfilepathinfo(3678)
  call_trans2setfilepathinfo: file maria/SendTo : setting dos mode 13
[2004/11/09 14:21:42, 10] smbd/dosmode.c:file_set_dosmode(340)
  file_set_dosmode: setting dos mode 0x13 on file maria/SendTo
[2004/11/09 14:21:42, 2] smbd/trans2.c:call_trans2setfilepathinfo(3681)
  file_set_dosmode of maria/SendTo failed (No data available)
[2004/11/09 14:21:42, 3] smbd/error.c:error_packet(105)
  error string = No data available
[2004/11/09 14:21:42, 3] smbd/error.c:error_packet(129)
  error packet at smbd/trans2.c(3682) cmd=50 (SMBtrans2) NT_STATUS_ACCESS_DENIED
(...)

strace from that part shows a mkdir for maria/SendTo, then 
getxattr(maria/SendTo...
which returns ENODATA and later on a rmdir for maria/SendTo. Perhaps windows 
couldn't 
set some permissions and gave up?

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Permissions problem with 3.0.8

2004-11-09 Thread Andreas

On Tue, Nov 09, 2004 at 05:14:44PM +0100, Beschorner Daniel wrote:
 We use LDAP backend and Linux 2.6.
 It happens only --with-acl-support.
 This 2 errors I found in the level 10 log when I try to copy a fresh copied
 file a second time on itself (permissions of test file are -r-xrw, user
 and group match)
 Maybe the attribute mapping goes another path with acl support?
 3.0.7 works fine.
 
3.0.7 also started working fine for me and my roaming profiles.

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Permissions problem...I must be overlooking something...

2004-07-27 Thread Patrick Boettcher

Hi,

I nearly have the same problem as David.

I have a share:

[forall]
   path = /home/data/forall
   read only   = yes
   write list  = Administrator, @lehrer, @domadm, @verwaltung
   force user  = root
   force group = staff
   create mask = 0664
   directory mask = 0775

and

rwxrwxr-x9 root staff   4096 Jul 27 12:42 forall

Neither Administrator nor any of the given group members are allowed to
create any files in this path.

But, when I remove the force * attributes everything works like
expected... except the owner/group is not set, of course.

I could be wrong, but this problems occurs firstly when I
started to migrate to samba 3.0.4 (and now 3.0.5). In an environment with
samba 3.0.2a (and below) this is working.

The logs only tell me, that this is a read-only share and it is not
possible to write to.

I use Samba as PDC with LDAP backend also for posix accounts.

David, did you solve your problem already?

Thanks for any help,

Patrick
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Permissions problem...I must be overlooking something...

2004-07-14 Thread Mike Stewart

Hi, just a thought

Are the LINUX permissions on the directory set correctly ? Make sure it's
owned by your group,  I got caught out by that a few times when I created a
new directory as root and then tried to share it for users

Mike

- Original Message - 
From: David Brodbeck [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, July 13, 2004 4:56 PM
Subject: RE: [Samba] Permissions problem...I must be overlooking
*something*...


  -Original Message-
  From: Mark Lidstone [mailto:[EMAIL PROTECTED]

  You've probably only put them in because of the problem you're having,
  but writeable/writable and read only are actually the same setting
  but reversed.  E.g. writeable/writable = yes is the same as
  read only
  = no.  Therefore you only need to put one or the other.

 Yes, I know.  I originally only had writable = yes, but I added the other
 out of frustration with Samba insisting the share is read-only.

  Anyway, onto my suggestion.  Have you restarted samba since
  you made the
  share writeable?

 Yes, I sent the HUP signal to the daemon to tell it to re-load its
 configuration file.

  Also, if you're forcing group INTERCLEAN+Domain Admins and setting
  valid users to the same, won't everyone be able to write to
  the share
  as a domain admin?

 Would they?  I figured only Domain Admins would be allowed to access the
 share at all, then the force group would take effect after that.  I took
 the force group line out, but it made no difference, I still can't
create
 any files.
 -- 
 To unsubscribe from this list go to the following URL and read the
 instructions:  http://lists.samba.org/mailman/listinfo/samba




---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.712 / Virus Database: 468 - Release Date: 28/06/2004


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Permissions problem...I must be overlooking somethin g...

2004-07-14 Thread David Brodbeck

 -Original Message-
 From: Mike Stewart [mailto:[EMAIL PROTECTED]
 Hi, just a thought
 
 Are the LINUX permissions on the directory set correctly ? 
 Make sure it's
 owned by your group,  I got caught out by that a few times 
 when I created a
 new directory as root and then tried to share it for users

The directory is owned by INTERCLEAN+Domain Admins.  I finally gave up and
set the user ownership to myself...it works now for me, which is enough for
now, since currently I'm the only active domain admin.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Permissions problem...I must be overlooking something...

2004-07-13 Thread David Brodbeck

I have a share I can't seem to create files on, and I can't figure out why.
I get Access denied from Windows, and the samba log shows this:

[2004/07/13 10:52:26, 2] smbd/open.c:open_directory(1293)
  open_directory: failing create on read-only share
[2004/07/13 10:52:26, 2] smbd/open.c:open_directory(1293)
  open_directory: failing create on read-only share

The share has the following definition:

[webfiles]
path = /var/www
force group = INTERCLEAN+Domain Admins
valid users = @INTERCLEAN+Domain Admins
writable = yes
read only = no

Here are the permissions on /var/www:

# file: www
# owner: root
# group: INTERCLEAN+Domain Admins
user::rwx
group::rwx
other::r-x

I'm in the Domain Admins group.  Why doesn't this work?  I'm sure there's
something silly I'm overlooking, but I can't see what it is right now.

---

David Brodbeck, System Administrator
InterClean Equipment, Inc.
3939 Bestech Drive Suite B
Ypsilanti, MI 48197
(734) 975-2967 x221
(734) 975-1646 (fax)
 

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Permissions problem...I must be overlooking something...

2004-07-13 Thread Mark Lidstone

Hi David,

First of all I'll suggest the obvious (probably not your problem here,
but it's worth a shot).

You've probably only put them in because of the problem you're having,
but writeable/writable and read only are actually the same setting
but reversed.  E.g. writeable/writable = yes is the same as read only
= no.  Therefore you only need to put one or the other.  If you stick
to only using one it can make your smb.conf easier to read.  This won't
be causing the problem, it's just a bit of config file snobbery  ;)

Anyway, onto my suggestion.  Have you restarted samba since you made the
share writeable?

Also, if you're forcing group INTERCLEAN+Domain Admins and setting
valid users to the same, won't everyone be able to write to the share
as a domain admin?  Seems a bit like a security risk to me, but then I'm
sure you've a good reason why you've done this.

I hope this helps,

Mark Lidstone
IT and Network Support Administrator

BMT SeaTech Ltd
Grove House, Meridians Cross, 7 Ocean Way
Ocean Village, Southampton.  SO14 3TJ. UK
Tel: +44 (0)23 8063 5122 
Fax: +44 (0)23 8063 5144

E-Mail:  mailto:[EMAIL PROTECTED]
Website: www.bmtseatech.co.uk

==
Confidentiality Notice and Disclaimer: 
The contents of this e-mail and any attachments are intended only for
the
use of the e-mail addressee(s) shown. If you are not that person, or one
of those persons, you are not allowed to take any action based upon it
or
to copy it, forward, distribute or disclose the contents of it and you
should please delete it from your system. BMT SeaTech Limited does not
accept liability for any errors or omissions in the context of this
e-mail
or its attachments which arise as a result of Internet transmission, nor
accept liability for statements which are those of the author and not
clearly made on behalf of BMT SeaTech Limited.

==
  

-Original Message-
From: David Brodbeck [mailto:[EMAIL PROTECTED] 
Sent: 13 July 2004 15:56
To: '[EMAIL PROTECTED]'
Subject: [Samba] Permissions problem...I must be overlooking
*something*...


I have a share I can't seem to create files on, and I can't figure out
why. I get Access denied from Windows, and the samba log shows this:

[2004/07/13 10:52:26, 2] smbd/open.c:open_directory(1293)
  open_directory: failing create on read-only share
[2004/07/13 10:52:26, 2] smbd/open.c:open_directory(1293)
  open_directory: failing create on read-only share

The share has the following definition:

[webfiles]
path = /var/www
force group = INTERCLEAN+Domain Admins
valid users = @INTERCLEAN+Domain Admins
writable = yes
read only = no

Here are the permissions on /var/www:

# file: www
# owner: root
# group: INTERCLEAN+Domain Admins
user::rwx
group::rwx
other::r-x

I'm in the Domain Admins group.  Why doesn't this work?  I'm sure
there's something silly I'm overlooking, but I can't see what it is
right now.

---

David Brodbeck, System Administrator
InterClean Equipment, Inc.
3939 Bestech Drive Suite B
Ypsilanti, MI 48197
(734) 975-2967 x221
(734) 975-1646 (fax)
 

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Permissions problem...I must be overlooking somethin g...

2004-07-13 Thread David Brodbeck

 -Original Message-
 From: Mark Lidstone [mailto:[EMAIL PROTECTED]

 You've probably only put them in because of the problem you're having,
 but writeable/writable and read only are actually the same setting
 but reversed.  E.g. writeable/writable = yes is the same as 
 read only
 = no.  Therefore you only need to put one or the other.

Yes, I know.  I originally only had writable = yes, but I added the other
out of frustration with Samba insisting the share is read-only.

 Anyway, onto my suggestion.  Have you restarted samba since 
 you made the
 share writeable?

Yes, I sent the HUP signal to the daemon to tell it to re-load its
configuration file.

 Also, if you're forcing group INTERCLEAN+Domain Admins and setting
 valid users to the same, won't everyone be able to write to 
 the share
 as a domain admin?

Would they?  I figured only Domain Admins would be allowed to access the
share at all, then the force group would take effect after that.  I took
the force group line out, but it made no difference, I still can't create
any files.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Permissions problem

2004-06-25 Thread Doug Curtis

I am having problems settings permissions on files or directories.  I am
running Samba 3.0.4 with domain logins.

Let's say that I have a share where everyone in the domain has access to it
but there are a couple of files in that share that only two of the people in
the domain need access to them.  With my old NT domain, I could right-click
on the files and change the security settings.  Whenever I try to modify the
files security settings, I get an Access is denied message.  I am logging
into the domain with admin privledges.

So does this mean I have to either:

a) create a new share just for these two people?
or
b) create a group for these two people and chgrp the files to this newly
created group?
or
c) change some settings on my server because I should be able to modify a
files security settings?

Thanks,

Doug

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Permissions Problem using ADS

2004-05-03 Thread Allen Miller

I am running Samba 3.0.3 on a Red Hat Linux 9 server (Intel based).  I am
using the procedures outlined in a document found at
http://de.samba.org/samba/docs/man/unixclients.html.  My Samba server is to
be a Member Server in a W2K Active Directory (AD) domain.  The procedures
for this begin on page 13.  I perform all steps outlined and get similar
results.  On the Samba server, I created a folder called /shares/test and,
using SWAT, shared it with the share name of admin.  Below is a copy of my
smb.conf file:

# Samba config file created using SWAT
# from 192.168.2.201 (192.168.2.201)
# Date: 2004/05/03 10:26:12

# Global parameters
[global]
unix charset = LOCALE
workgroup = CALRCO
realm = LRCO.LRC
netbios name = SAMBA
security = ADS
password server = 192.168.2.190
username map = /etc/samba/smbusers
log level = 1
syslog = 0
log file = /var/log/samba/%m
max log size = 50
wins server = 192.168.2.247, 192.168.2.240
ldap ssl = no
idmap uid = 1-2
idmap gid = 1-2
template primary group =
template shell = /bin/bash
path = /shares/admin

[printers]
comment = SMB Print Spool
path = /var/spool/samba
guest ok = Yes
printable = Yes
browseable = No

[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
admin users = root, Administrator
write list = root

[admin]
comment = Lyman Richey Corporation
path = /shares/test
valid users = '@CALRCO\Domain Admins', @admin
write list = '@CALRCO\Domain Admins', @admin
read only = No
create mask = 0777
directory mask = 0777
map acl inherit = Yes
follow symlinks = No

I run Active Directory Users and Computers and can see the Samba server.  I
can right-click on it and click Manage.  When I go to manage the shares, I
get the following error:

Microsoft Management Console
The system encountered the following errors while reading the list of
shares:
Error 5: Access is Denied.

When I browse for the share as admin from the domain controller or any other
domain member, I am prompted to login.

What am I doing wrong?

Regards,

Allen Miller
Network Administrator
Lyman-Richey Corporation
402-558-2727
mailto:[EMAIL PROTECTED]
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Permissions problem

2004-03-31 Thread Nick Thorley

I have setup samba and also winbind and have joined an active directory. 
 That part as worked and i can see domain users etc connected and the 
samba machine can list domain users.  However when i right click on a 
folder in windows and then select permissions then the option to select 
domain users is greyed out and it is defaulted to the samba machine 
users.  Please could someone tell me how i can select domain users to 
give more people access to the folder.

Thanks

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Permissions problem

2004-01-09 Thread Madison Kelly

Hi everyone (oh yeah, and I am new to the list but have a little Samba 
experience).

I have a Samba 3.0.1 install on a Fedora Core 1 (.2138 kernel non-smp - 
not that it should matter for this). I have created a group called 
osla for the users in my domain and I have Samba working properly as a 
PDC, or at least properly in so far as I can join clients to the server, 
run scripts and so forth. I am using the simple 'smbpasswd' backend and 
have made sure that users are members of the osla group and that their 
passwords are the same as the Linux 'passwd' passwords. Finally, I 
chown'ed all the files and folders in the 'public' share to 'root:osla' 
and then chmod'ed all of the same files to '775'.

My problem is that when the user runs a program from their workstation 
that needs to write to the public share it fails saying that it has 
insufficient permissions (ie: Quickbooks; app is on the client PC but 
the data file is on the Samba share). If I then chmod the effected file 
to '777' and the program suddenly works. Oh, the workstations are all 
Wind2k Pro SP4 machines.

The best I can guess is that despite the user being logged in and a 
member of osla the program must be running under another credential. 
Am I right here? Users manually can create, delete and edit folders and 
files and apps like MS Office can open and edit files.

Can anyone point me to what may be wrong and perhaps suggest a better 
way to resolve the problem without chmod'ing directories and files 777?

Many thanks!!

Madison

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Samba permissions problem

2003-02-24 Thread Paul Hong


  Hi,
  I am a newbie here.
  I am runnning Samba 2.2.3a which act as a NT workstation
  connecting to CNS-NT domain.
  When I tried to connect to Samba,  \\Bigred\home is not
  accessible, you might not have permission to use this network resource.

  Any help is greatly appreciated.

  -Paul Hong
  Samba Newbie.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] samba permissions problem

2003-02-14 Thread juan

Here is the situation.  I have setup a samba server to authenticate against
Active Directory.  I have created a group under my Linux server and created
all the accounts that need to access the share and placed them in the Linux
group on the samba server.  I gave
the group full rights to the samba share, but when a user from the group
adds to the samba share a
file or directory he or she now owns the file or new directory, and if
another user tries to add to the file or create a file or another directory
under the new created file or directory
the user gets permission denied and I have to re-apply the permissions from
the root of the samba share so the group owns everything again and not
individual users.  How can I setup the share so only the group owns it no
matter what user in the group adds to the share.


Thank you,


Juan



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] samba permissions problem

2003-02-14 Thread juan

Here is the situation.  I have setup a samba server to authenticate against
Active Directory.  I have created a group under my Linux server and created
all the accounts that need to access the share and placed them in the Linux
group on the samba server.  I gave
the group full rights to the samba share, but when a user from the group
adds to the samba share a
file or directory he or she now owns the file or new directory, and if
another user tries to add to the file or create a file or another directory
under the new created file or directory
the user gets permission denied and I have to re-apply the permissions from
the root of the samba share so the group owns everything again and not
individual users.  How can I setup the share so only the group owns it no
matter what user in the group adds to the share.


Thank you,


Juan



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] samba permissions problem

2003-02-14 Thread juan

Here is the situation.  I have setup a samba server to authenticate against
Active Directory.  I have created a group under my linux server and created
all the accounts that need to access the share on the samba server.  I gave
the group the rights to the samba share, but when a user adds to the share a
file or directory and I view the permissions under linux the owner of that
new file, or directory is not the group anymore, its the creator.  which
creates a big problem because the group needs total access to any directory
under the share and needs to have full access which I setup intially but
when a user in the group creates a file he or she own it and other users can
write to that directory.



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Re: samba permissions problem

2003-02-14 Thread Chris de Vidal

--- juan [EMAIL PROTECTED] wrote:
 Here is the situation.  I have setup a samba server
 to authenticate against
 Active Directory.  I have created a group under my
 linux server and created
 all the accounts that need to access the share on
 the samba server.  I gave
 the group the rights to the samba share, but when a
 user adds to the share a
 file or directory and I view the permissions under
 linux the owner of that
 new file, or directory is not the group anymore, its
 the creator.  which
 creates a big problem because the group needs total
 access to any directory
 under the share and needs to have full access which
 I setup intially but
 when a user in the group creates a file he or she
 own it and other users can
 write to that directory.

This involves a basic but obscure feature of Unix
security I didn't learn about until recently: Set
Group ID (sgid) on directories.  New files and
directories created inside it inherit the group ID,
and anyone in that group will automatically share
permissions.

You first chmod all directories (NOT files) in your
share:
find /path/to/share -type d -print0 | xargs -0 chmod
g+s
Explanation:
find = the find command, which finds files matching
criteria
/path/to/share = any directory where you want to apply
inheritence
-type d = Directories
-print0 = Print with no newlines, for xargs to read
| = run this command on the output
xargs = run a command on each line input
-0 = data comes in with no newlines
chmod = change mode
g+rwxs = read, write, execute (browse), and set group
id

Then you chgrp all files:
chgrp -R /path/to/share
Explanation:
chgrp = change group of the files/folders
-R = Recursive

Finally, add members to your group:
gpasswd -a user group
Explanation:
gpasswd = the group password command, but we're not
setting a password here
-a = Add

Have the users log out and back in again to take
effect.

From then on, all files created in that directory will
be in the same group.  The user doesn't truly matter,
as long as you have at least ---r-x--- for group
read-only directories, ---rwx--- for group writeable
directories, ---r- for group readable files,
---rw for group writeable files.  At least those
permissions.  You could then safely remove other
permissions to prevent a breech in security, as
everyone should be in that group to have access.


This is also useful with Winbind and winbind use
default domain = yes in smb.conf.  I can create a
group:

groupadd smbwrite

Add some users from my NT domain into it:

for USER in chris steve mike; do
gpasswd -a $USER smbwrite
done

Set my permissions:

find /share/mis -type d -print0 | xargs -0 chmod g+s

And then set the group ID:
chgrp -R smbwrite /share/mis


Also, sgid is the 2 bit in the first number of octal
permissions (e.g. chmod 2770 some_directory).


Don't forget to have your users log out before trying,
and good luck.
/dev/idal

__
Do you Yahoo!?
Yahoo! Shopping - Send Flowers for Valentine's Day
http://shopping.yahoo.com
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Permissions problem

2002-12-05 Thread P Ranjit Kumar





Did u 
set "encrypt passwords" smb.conf option to yes? Did you set the password using 
'smbpasswd -a username command?

Can 
you attach a levlel 10log file.

- 
Ranjit

  -Original Message-

  -Original Message-From: [EMAIL PROTECTED] 
  [mailto:[EMAIL PROTECTED]]On Behalf Of Thabu 
  PienaarSent: Thursday, December 05, 2002 2:07 PMTo: 
  [EMAIL PROTECTED]Subject: [Samba] Permissions 
  problem
  Help Please
  
  When I try to connect from Win XP Pro to my Samba 
  Server, I get this error...
  
  "Samba is not accessible. You might not have 
  permissiont o use this network resource." (attached error gif). 
  
  I have a smbpasswd file created from 
  /etc/passwd, configured exactly like my XP username and password.
  
  Thanks
  
  
  Thabu 
  Pienaar*ComputerNetWitrivier / White 
  RiverSuid-Afrika / South Africa+27 (0) 83 349-6588

[Samba] SaMBa permissions problem

2002-10-02 Thread Filipe Joel de Almeida









Hi, 



Im having a slight
problem with samba permissions.



Here goes my scenario:



Red Hat Linux 8.0 with
samba



I got a samba share public



Users can access the
share and write there what they need, but if a user creates a directory, other
users cant access it.



How can I configure
things so that everyone in the group accesses everything in the share?





Filipe Joel de Almeida

Network Consultant

[EMAIL PROTECTED]

Mobile: +351 967819600

Re: [Samba] SaMBa permissions problem

2002-10-02 Thread Bradley W. Langhorst


set a directory mask of 775


see the samba docs...
This parameter is the octal modes which are used when converting DOS
modes to UNIX modes when creating UNIX directories.

When a directory is created, the necessary permissions are
calculated according to the mapping from DOS modes to UNIX permissions,
and the resulting UNIX mode is then bit-wise 'AND'ed with this
parameter. This parameter may be thought of as a bit-wise MASK for the
UNIX modes of a directory. Any bit not set here will be removed from the
modes set on a directory when it is created.

The default value of this parameter removes the 'group' and 'other'
write bits from the UNIX mode, allowing only the user who owns the
directory to modify it.

Following this Samba will bit-wise 'OR' the UNIX mode created from
this parameter with the value of the force directory mode parameter.
This parameter is set to 000 by default (i.e. no extra mode bits are
added).

Note that this parameter does not apply to permissions set by
Windows NT/2000 ACL editors. If the administrator wishes to enforce a
mask on access control lists also, they need to set the directory
security mask.

See the force directory mode parameter to cause particular mode bits
to always be set on created directories.

See also the create mode parameter for masking mode bits on created
files, and the directory security mask parameter.

Also refer to the inherit permissions parameter.

Default: directory mask = 0755

Example: directory mask = 0775
On Wed, 2002-10-02 at 18:28, Filipe Joel de Almeida wrote:
 Hi, 
 
  
 
 I'm having a slight problem with samba permissions.
 
  
 
 Here goes my scenario:
 
  
 
 Red Hat Linux 8.0 with samba
 
  
 
 I got a samba share public
 
  
 
 Users can access the share and write there what they need, but if a user
 creates a directory, other users can't access it.
 
  
 
 How can I configure things so that everyone in the group accesses
 everything in the share?
 
  
 
 Filipe Joel de Almeida
 
 Network Consultant
 
 [EMAIL PROTECTED]
 
 Mobile: +351 967819600
 
  
 


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

60 matches

Mail list logo