barsalou wrote:
I've been using samba for some time and have always had a good experience.
I decided to try and configure my home network to let all my computers
talk to the samba share.
I'm stuck on one part where my OSX client, when creating new
files/directories, won't create them writeable by the group.
I've tried what seems like every combination of directory mask, force
directory mode, etc. but I'm unable to get the OSX client to create
folders with 770 permissions on any newly created folders.
What I'd like to do is find a way to "see" all the permission's that are
getting applied to that directory when it is getting created.
This isn't a production box, so I'm willing to try anything at the moment.
The good news is that it does create new files and folders...just that
other users can't modify them.
I do have logging turned up, but do not know what I should be looking for.
Scenario:
Client - OSX 10.5
Server - Ubuntu 7.04, XFS mounted /home, Samba 3.026a
Share section of smb.conf
[shared]
path = /home/shared
available = yes
browseable = yes
writable = yes
create mask = 02770
directory mask = 02770
force group = +shared
Testparm results (shared section)
[shared]
path = /home/shared
force group = +shared
read only = No
Hope I didn't forget anything.
I know this doesn't help but we are seeing the same problem, I opened a bug with apple but so far have not heard
anything back. I also sent this email to this list awhile back and did not get a response, the copy of the email I sent
is below.
--Brian
Hi all,
We are having an issue when a user writes to there home directory the
permissions change to 0600, instead of 0751 that
we have been setting in smb.conf
Here is a description of the problem:
reinstalled mac osx we have:
1) OS 10.5.0
I mounted <SAMBA SERVER> with Prof Sutherlands account
created the folder in 1703 --> test_reinstall
then copied a file to the new folder: About_Stacks.pdf
The permissions on the server for the folder are:
1703 # pwd
/home/DOMAIN/00033394/public_html/1703
humboldt 1703 # ls -la
total 116
drwxr-s--x 10 00033394 apache 4096 Aug 15 15:18 .
drwxr-s--x 18 00033394 apache 4096 Aug 14 15:04 ..
-rwxr-s--x 1 00033394 apache 6148 Aug 14 14:55 .DS_Store
-rwxr-s--x 1 00033394 apache 11152 Aug 14 13:49 CHEN_1703.html
drwxr-s--x 2 00033394 apache 4096 Aug 14 13:49 CHEN_1703_files
-rwxr-s--x 1 00033394 apache 8868 Aug 14 13:49 Homework.html
drwxr-s--x 2 00033394 apache 155 Aug 14 13:49 Homework_files
-rwxr-s--x 1 00033394 apache 10300 Aug 14 13:49 Lectures.html
drwxr-s--x 2 00033394 apache 4096 Aug 14 13:49 Lectures_files
drwxr-s--x 2 00033394 apache 28 Aug 14 13:49 Media
-rwxr-s--x 1 00033394 apache 6326 Aug 14 13:49 Schedule.html
drwxr-s--x 2 00033394 apache 4096 Aug 14 13:49 Schedule_files
drwxr-s--x 3 00033394 apache 57 Aug 14 13:49 Scripts
-rwxr-s--x 1 00033394 apache 28894 Aug 14 13:49 Syllabus.html
drwxr-s--x 2 00033394 apache 4096 Aug 14 13:49 Syllabus_files
-rwxr-s--x 1 00033394 apache 1963 Aug 14 13:49 feed.xml
-rwxr-s--x 1 00033394 apache 311 Aug 14 13:49 index.html
drwxr-s--x 2 00033394 apache 29 Aug 15 15:18 test_reinstall
test_reinstall # ls -la
total 304
drwxr-s--x 2 00033394 apache 29 Aug 15 15:19 .
drwxr-s--x 10 00033394 apache 4096 Aug 15 15:18 ..
-rwxr----- 1 00033394 apache 303444 Aug 15 15:01 About_Stacks.pdf
This works I can view the page:
http://www.che.utah.edu/~sutherland/1703/test_reinstall/
I am going to update the mac and see what happens
updated to 10.5.4
created the folder: test_reinstall_10.5.4 and the copied the file
About_Stacks.pdf to it.
perms look like this:
1703 # ls -la
total 116
drwxr-s--x 11 00033394 apache 4096 Aug 15 15:33 .
drwxr-s--x 18 00033394 apache 4096 Aug 14 15:04 ..
-rwxr-x--x 1 00033394 apache 6148 Aug 15 15:22 .DS_Store
-rwxr-s--x 1 00033394 apache 11152 Aug 14 13:49 CHEN_1703.html
drwxr-s--x 2 00033394 apache 4096 Aug 14 13:49 CHEN_1703_files
-rwxr-s--x 1 00033394 apache 8868 Aug 14 13:49 Homework.html
drwxr-s--x 2 00033394 apache 155 Aug 14 13:49 Homework_files
-rwxr-s--x 1 00033394 apache 10300 Aug 14 13:49 Lectures.html
drwxr-s--x 2 00033394 apache 4096 Aug 14 13:49 Lectures_files
drwxr-s--x 2 00033394 apache 28 Aug 14 13:49 Media
-rwxr-s--x 1 00033394 apache 6326 Aug 14 13:49 Schedule.html
drwxr-s--x 2 00033394 apache 4096 Aug 14 13:49 Schedule_files
drwxr-s--x 3 00033394 apache 57 Aug 14 13:49 Scripts
-rwxr-s--x 1 00033394 apache 28894 Aug 14 13:49 Syllabus.html
drwxr-s--x 2 00033394 apache 4096 Aug 14 13:49 Syllabus_files
-rwxr-s--x 1 00033394 apache 1963 Aug 14 13:49 feed.xml
-rwxr-s--x 1 00033394 apache 311 Aug 14 13:49 index.html
drwxr-s--x 2 00033394 apache 29 Aug 15 15:19 test_reinstall
drwxr-xr-x 2 00033394 apache 29 Aug 15 15:33 test_reinstall_10.5.4
*Note that the sticky bit is gone and has been replaced the execute bit The
perms on the file:
test_reinstall_10.5.4 # pwd
/home/DOMAIN/00033394/public_html/1703/test_reinstall_10.5.4
humboldt test_reinstall_10.5.4 # ls -la
total 304
drwxr-xr-x 2 00033394 apache 29 Aug 15 15:33 .
drwxr-s--x 11 00033394 apache 4096 Aug 15 15:33 ..
-rw------- 1 00033394 domain users 303444 Aug 15 15:01 About_Stacks.pdf
apache is not the group and the perms are 0700, this page will not work. The
issue is that the mac is dropping the sticky bit and since the sticky bit is
gone the files are being created with the wrong perms.
Here is my smb.conf
[global]
workgroup = DOMAIN
netbios name = SERVER
realm = REALM
server string = CHE file server
security = ADS
preferred master = no
client use spnego = yes
server signing = auto
encrypt passwords = yes
nt acl support = yes
acl map full control = yes
socket options = TCP_NODELAY SO_RCVBUF=8192
SO_SNDBUF=8192
template shell = /bin/false
password server = DNS1 DNS2 *
log level = 3
log file = /var/log/samba/%m
max log size = 100
preferred master = No
dns proxy = No
wins server = WINS1 WINS2
; Winbind Settings
winbind cache time = 0
winbind nested groups = yes
allow trusted domains = No
idmap backend = idmap_rid:DOMAIN=500-100000000
idmap uid = 500-100000000
idmap gid = 500-100000000
template shell = /bin/bash
winbind use default domain = Yes
winbind separator = +
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
obey pam restrictions = yes
template homedir = /home/%D/%U
logon path = \\%L\profiles\%U\%a
logon drive = X:
# For printers
printcap name = /dev/null
load printers = no
printing = bsd
[homes]
comment = Home Directories
valid users = %D+%U
path = /home/%D/%U
read only = no
browseable = no
root preexec = /etc/samba/mkhomedir.sh '%U'
writable = yes
directory mask = 0771
force directory mode = 0771
create mask = 0751
#security mask = 0771
inherit permissions = yes
veto files =
/*.blessed/*.forward/*.bash_history/*.bash_logout/*.bash_profile/*.bashrc/
invalid users = bin daemon nobody named sys tty disk
mem kmem users
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
