Michael P. Demelbauer wrote:
> >
> > I have encountered a weird problem (FreeBSD 8.2, samba34-3.4.14).
> > A user can create files in a samba share but cannot delete files from
> > it (unless she is the owner of the file).
> >
> > The user is a member of a group with rwx permissions on this directory
> > granted by a Posix ACL entry. The user can create and delete files in
> > the directory from the shell on the file server (which is correct
> > according to Unix logic), but only create from the Windows client.
> >
> > smbd seems to be interfering somehow with unlink(). If I make the user
> > the owner of the file, or a member of the file's primary group, now
> > the user can delete the file. If a user is a member of some other
> > group which has rwx permissions on the directory, the user can only
> > create files but not delete them.
> >
> > Certainly it's not a Unix permission issue. There is no "read only"
> > attribute on the files, no sticky bit on the directory, no weird
> > UFS file flags and attributes.
> >
> > I have tried "acl check permissions" both yes and no with no effect.
> >
> > TIA for any ideas. I have seen people with similar problems, like
> > http://lists.samba.org/archive/samba/2006-May/120521.html
> > but never a solution.
>
> Sorry, I'm not a Samba-expert, but as far as I know, the following
> parameter(s?) in smb.conf take care of this in our config
> (samba-3.0.9-1.3E.5 on an older linux machine):
> inherit permission = yes
>
> As far as we tested it, Linux-ACLs are working as expected with this.
>
> One more question: You put default permissions on your ACL-entries
> (setfacl ... -m -d ... here) to define what permissions the
> directory passes on?

Yes, there are default permissions (setfacl -d) on the directory but
this (and permissions inheritance) should be irrelevant for my question.
As I said, the directory in question has correct permissions:

$ getfacl .
# file: .
# owner: domogatskajaev
# group: ntd
user::rwx
group::rwx
group:noc:rwx
group:oe:rwx
group:ptl:rwx
mask::rwx
other::r-x
$

Yet members of groups like "noc" or "oe" (other than "ntd") cannot
delete files from it unless they are owners of the file.

> Or are you talking of normal UNIX-Permissions not ACLs?

POSIX ACLs.

-- 
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
sip:[email protected]
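
The "Unix logic" the message relies on, as an added example that is not part of the original thread: a small Python model of the POSIX.1e access check, run over the getfacl output quoted above, showing that write+search on the directory is all the kernel needs for unlink(). The function names and the users/groups in the checks (alice, bob, staff) are hypothetical, and the sketch does not model whatever additional checks smbd performs.

```python
# Added example: directory ACL copied from the getfacl output in the message.
GETFACL = """\
# file: .
# owner: domogatskajaev
# group: ntd
user::rwx
group::rwx
group:noc:rwx
group:oe:rwx
group:ptl:rwx
mask::rwx
other::r-x
"""

def parse_getfacl(text):
    """Return (owner, owning_group, entries); entries are (tag, qualifier, perms)."""
    meta, entries = {}, []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#"):
            key, _, value = line[1:].partition(":")
            meta[key.strip()] = value.strip()
        elif line:
            tag, qualifier, perms = line.split(":")[:3]
            entries.append((tag, qualifier, set(perms) - {"-"}))
    return meta["owner"], meta["group"], entries

def acl_allows(text, user, groups, wanted):
    """POSIX.1e access check order: owner, named user, group class, other."""
    owner, owning_group, entries = parse_getfacl(text)
    wanted = set(wanted)
    find = lambda tag, q="": next((p for t, x, p in entries if t == tag and x == q), None)
    mask = find("mask")
    masked = lambda p: p if mask is None else p & mask
    if user == owner:
        return wanted <= find("user")
    named = find("user", user)
    if named is not None:
        return wanted <= masked(named)
    group_perms = [masked(p) for t, q, p in entries
                   if t == "group" and (q or owning_group) in groups]
    if group_perms:  # in the group class: one matching entry must grant it all
        return any(wanted <= p for p in group_perms)
    return wanted <= find("other")

def can_unlink(dir_acl, user, groups):
    # With no sticky bit, unlink() needs only write+search on the directory;
    # the file's own owner, group and mode are not consulted.
    return acl_allows(dir_acl, user, groups, "wx")
```

For a member of "noc" or "oe" this returns True, which matches the behaviour seen from the shell on the file server; the refusal seen from the Windows client is therefore not produced by this check.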
