On 06/02/2011 02:23 PM, TLoD,Snake wrote: > On 06/02/2011 03:58 AM, Jeremy Allison wrote: >> On Wed, Jun 01, 2011 at 02:02:03PM +0400, TLoD,Snake wrote: >>> On 05/31/2011 10:26 PM, Jeremy Allison wrote: >>>> On Tue, May 31, 2011 at 07:43:16PM +0400, TLoD,Snake wrote: >>>>> Hello! >>>>> >>>>> I have samba share on my sshfs-mounted folder. All works just >>>>> fine except I can't delete files from sshfs unless they are in >>>>> 0777 chmodded directory. Even if that files were putted trough >>>>> smbclient. I can read files, write files (regardless their >>>>> directory permissions) but not delete them. >>>>> >>>>> Here is my share config: >>>>> >>>>> [myshare] comment = shre over sshfs path = >>>>> /home/kli/work/remotes/dev valid users = kli public = no >>>>> writable = yes printable = no delete readonly = yes read only >>>>> = no force group = kli force user = kli >>>> >>>> Post a debug level 10 log snippet of smbclient attempting to >>>> delete files. >>> >>> [2011/06/01 13:57:16, 3] param/loadparm.c:9039(lp_load_ex) >>> lp_load_ex: refreshing parameters >> >> Sorry, this is the client log - I meant a debug level 10 log snipped >> from smbd when you're trying to delete files using smbclient. >> >> Jeremy. > > I hope this is right part of logfile cause it's quite large. > > [2011/06/02 14:08:00, 10] smbd/posix_acls.c:838(print_canon_ace_list) > > print_canon_ace_list: canonicalise_acl: ace entries after arrange > > canon_ace index 0. Type = allow SID = S-1-22-1-65534 uid 65534 > (nobody) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx > canon_ace index 1. Type = allow SID = S-1-22-2-65534 gid 65534 > (nobody) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms r-- > canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER > ace_flags = 0x0 perms r-- > [2011/06/02 14:08:00, 10] smbd/posix_acls.c:1116(map_canon_ace_perms) > > map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1e01ff > > [2011/06/02 14:08:00, 10] smbd/posix_acls.c:1116(map_canon_ace_perms) > > map_canon_ace_perms: Mapped (UNIX) 100 to (NT) 120089 > > [2011/06/02 14:08:00, 10] smbd/posix_acls.c:1116(map_canon_ace_perms) > > map_canon_ace_perms: Mapped (UNIX) 100 to (NT) 120089 > > [2011/06/02 14:08:00, 10] smbd/open.c:113(check_open_rights) > > check_open_rights: file examplelk.ru/aaa requesting 0x10000 returning > 0x10000 (NT_STATUS_ACCESS_DENIED) > [2011/06/02 14:08:00, 10] smbd/posix_acls.c:3372(posix_get_nt_acl) > > posix_get_nt_acl: called for file examplelk.ru > > [2011/06/02 14:08:00, 10] smbd/posix_acls.c:2522(canonicalise_acl) > > canonicalise_acl: Access ace entries before arrange : > > [2011/06/02 14:08:00, 10] smbd/posix_acls.c:2535(canonicalise_acl) > > canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER > ace_flags = 0x0 perms r-x > [2011/06/02 14:08:00, 10] smbd/posix_acls.c:2535(canonicalise_acl) > > canon_ace index 1. Type = allow SID = S-1-22-2-65534 gid 65534 > (nobody) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms r-x > [2011/06/02 14:08:00, 10] smbd/posix_acls.c:2535(canonicalise_acl) > > canon_ace index 2. Type = allow SID = S-1-22-1-65534 uid 65534 > (nobody) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx > [2011/06/02 14:08:00, 10] smbd/posix_acls.c:838(print_canon_ace_list) > > print_canon_ace_list: canonicalise_acl: ace entries after arrange > > canon_ace index 0. Type = allow SID = S-1-22-1-65534 uid 65534 > (nobody) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx > canon_ace index 1. Type = allow SID = S-1-22-2-65534 gid 65534 > (nobody) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms r-x > canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER > ace_flags = 0x0 perms r-x > [2011/06/02 14:08:00, 10] smbd/posix_acls.c:1116(map_canon_ace_perms) > > map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff > > [2011/06/02 14:08:00, 10] smbd/posix_acls.c:1116(map_canon_ace_perms) > > map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9 > > [2011/06/02 14:08:00, 10] smbd/posix_acls.c:1116(map_canon_ace_perms) > > map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9 > > [2011/06/02 14:08:00, 10] smbd/open.c:496(open_file) > > open_file: Access denied on file examplelk.ru/aaa > > [2011/06/02 14:08:00, 10] lib/dbwrap_tdb.c:42(db_tdb_record_destr) > > Unlocking key 0E000000000000005C70 > > [2011/06/02 14:08:00, 5] smbd/files.c:474(file_free) > > freed files structure 4932 (0 used) > > [2011/06/02 14:08:00, 10] smbd/open.c:3186(create_file_unixpath) > > create_file_unixpath: NT_STATUS_ACCESS_DENIED > > [2011/06/02 14:08:00, 10] smbd/open.c:3465(create_file_default) > > create_file: NT_STATUS_ACCESS_DENIED > > [2011/06/02 14:08:00, 10] smbd/reply.c:2402(do_unlink) > > SMB_VFS_CREATEFILE failed: NT_STATUS_ACCESS_DENIED > > [2011/06/02 14:08:00, 3] smbd/error.c:60(error_packet_set) > > error packet at smbd/reply.c(2637) cmd=6 (SMBunlink) > NT_STATUS_ACCESS_DENIED
Also I think I have to say that all files on remote server are owned by remote server's 'nobody'. As I saw in logfile samba tries to locate such a nobody locally which is wrong cause sshfs will handle translation local user (any local user due to 'allow_other' option) to remote nobody (as it's mounted with remote nobody rights) itself. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
