Hi,
if I connect from a winxp machine to my samba share and create a new
file, it does not get the permissions specified by "create mask" and
"force create mode" at first. Only after I modify the permissions on the
client, the file finally gets the right permissions on the server.
Thereby it does not matter what I change on the client, even if I remove
all access rights. After clicking OK, the permissions of the file would
be set to the specified (force) create mode and cannot be changed from
the client any more.
Example:
- connect to samba share from winxp
- create file "test.txt" from client
- file gets "rw--w----", but should get "rw-rw-r--" (664, see smb.conf)
- edit file permissions from winxp, e.g. delete all; click OK
- file now has "rw-rw-r--" on the server
- view permissions again in winxp; correctly mapped; cannot be altered
It's the same thing for creating directories (except that the initial
permissions differ).
When connecting from a linux client, the permissions are set correctly
on file creation. I haven't tried microsoft clients other than WinXP yet.
Any ideas how to make samba set the desired permissions right on file
creation, without manual intervention?
Here's my config:
client:
WinXP Prof. SP3
server:
OpenSUSE 11.1
Kernel 2.6.27.45-0.1-pae
Samba 3.5.4-1.1-2382-SUSE-CODE11
smb.conf:
[global]
server string = samba %h
workgroup = MNS_SVR1
encrypt passwords = Yes
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
map to guest = Bad User
logon path = \\%L\profiles\.msprofile
logon home = \\%L\%U\.9xprofile
logon drive = P:
usershare allow guests = No
local master = Yes
netbios name = MNSSVR1
os level = 65
passdb backend = tdbsam
security = user
wins support = No
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat debug = Yes
passwd chat timeout = 4
unix password sync = Yes
client lanman auth = No
client plaintext auth = No
invalid users = root @wheel
obey pam restrictions = Yes
[share1]
path = /data/samba-shares/share1
read only = No
valid users = @share-access
read list = @share-access
write list = @share-write-access
security mask = 0664
force security mode = 0664
create mode = 0664
force create mode = 0664
directory mask = 0775
force directory mode = 0775
directory security mask = 0775
force directory security mode = 0775
force group = share-write-access
browseable = Yes
writable = Yes
map archive = No
map hidden = No
map readonly = No
vfs objects = scannedonly
scannedonly:domain_socket = True
scannedonly:socketname = /var/lib/scannedonly/scannedonly-socket
Thanks,
Alex
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
