Solved

How to tell Samba not to create a new file when the file being modified is a symbolic link?

Posted on 2003-11-03
11
698 Views
Last Modified: 2013-12-15
I have a file:

/home/elvin/share.xls with the following permission: -rwxrwxr--

I share it with members of my group; they make a symbolic link of the file on their own directory, say:

/home/grpmate1/share.xls -> /home/elvin/share.xls

and the resulting permission is lrwxrwxrwx.


Update of the file is being done on Windows platform thru Samba. The problem is, when grpmate1 updates and saves the file, the symbolic link is replaced by a new file that is resident to his own directory:

/home/grpmate1/share.xls with permission -rwxrwxr--

His modifications will not reflect on my file, because it is no longer linked.


How can I tell Samba that it is a symbolic link and should not be replaced by a new file?
0
Comment
Question by:elvin226
  • 4
  • 4
  • 3
11 Comments
 
LVL 12

Assisted Solution

by:paullamhkg
paullamhkg earned 150 total points
ID: 9677236
it's because when excel try to save the file into the directory not the file, and the same name appear, so the real file saved into the directory instead.

I will suggest you create another folder said /share and put this file into it and share out for all the group member of grpmate1 this will be more save.

eg.

[share]
        comment = share folder for grpmate1
        path = /share
        force group = grpmate1
        read only = No
        create mask = 0770
        directory mask = 0770
        guest ok = no

so that all the file here will share in between the same group of grpmate1 and updated when change.
0
 
LVL 9

Accepted Solution

by:
majorwoo earned 100 total points
ID: 9679111
and you could link each person to that share directory, to make it more transparent to them:

cd /home/username
ln -s /share
0
 

Author Comment

by:elvin226
ID: 9711951
paullamhkg,

The configuration for share doesn't work because Samba is using the default setting for homes. In other words, it doesn't override the setting for homes.

[homes]
  comment = Home Directories
  browseable = no
  read only = no
  force create mode = 0774

I said that because the file permission becomes 0774 instead of 0770 and the owner of the file becomes grpmate1, although the link or sharing still works.

I would like to see the share setting to work before I give the points. :)
0
 
LVL 12

Expert Comment

by:paullamhkg
ID: 9712075
But I think you can create the /share (or whatever you want to name) directory and share it out through samba, after you create the /share directory and add the share into your /etc/samba/smb.conf as I suggested, than restart your samba service '/etc/rc.d/init.d/smb restart'.

or as majorwoo suggest, you put all the share file(s) into the /share directory and build a symbolic link in eash users directory (those users who will share use the file(s) ), so that you can keep your config as it is (i.e. no need to add any share in your /etc/samba/smb.conf (the samba config file) and restart the samba service ), so that when user(s) login they will get into their home directory and get into the share directory to make change to the file.
0
 
LVL 12

Expert Comment

by:paullamhkg
ID: 9712130
The difference bewteen my suggestion and majorwoo.

I used the samba service to share out a share directory so that those users will got 2 shared, one is their home directory, the second one is for comment use between those users, and you need to add group into those users eg.

groupadd share                    < this will add a new group called share into the system
usermod -G share paul          < if user paul alread added, this will make paul become the member of share
useradd  -g paul,share paul   < of user paul not add, this will make paul become the member of his own and share

and I used the create mode 0770, this will only allow the owner and the member of the group can access the files, others can't including read.

majorwoo (I hope I havn't miss understand your meaning), suggest to build the symbolic link, which you no need to add any group, but you need to have the rwxrwxrwx for the /share, and put a symbolic link on each appointed user's home direcotry, eg.

cd /home/paul
ln -s /share share

so when the paul login, he will have a folder like in his home directory called share, but the files paul create/edit may create a admin issue, since the system will put rwxr-xr-x after the file save, but I can't remember the work around for this, I think is something like the 'chroot' can make change on this, but sorry really can't remember how to, majorwoo any idea?
0
Get up to 2TB FREE CLOUD per backup license!

An exclusive Black Friday offer just for Expert Exchange audience! Buy any of our top-rated backup solutions & get up to 2TB free cloud per system! Perform local & cloud backup in the same step, and restore instantly—anytime, anywhere. Grab this deal now before it disappears!

 
LVL 9

Expert Comment

by:majorwoo
ID: 9712214
There are a number of ways to do it as suggested.  Personally I use both of those we are talking about here.  I share a folder /share for my users, however some of them have no idea that anything exists outside of their home directory so I put a link to it in their directory.

I would use a group (and I do) for that purpose as Paul showed - it's fairly easy to add a group and add users to the group, although I usually just edit the file directly, it seems quicker to me:

groupadd share
and then edit /etc/group
and add the people you need to it:
share:x:1111:comma,seperated,list.of,users,you,want,to,have,access
0
 

Author Comment

by:elvin226
ID: 9713721
paullamhkg:

"the files paul create/edit may create a admin issue, since the system will put rwxr-xr-x after the file save, but I can't remember the work around for this"

That is exactly what I meant when I say:

"the file permission becomes 0774 instead of 0770 and the owner of the file becomes grpmate1"

I have no problems in creating groups, that is no longer my issue.

My problem is since I'm using Samba, and Samba automatically uses the setting for [homes] and ignores the [shared], every file that has been modified becomes owned by the one who saves it. This should not be the case. How can I solve it?

To make things clearer:
paul, major and elvin are members of the group 'ourgroup'.

elvin has a file that he wants to share with paul and major:
-rwxrwxr--    elvin   ourgroup   /home/elvin/shared/myfile.txt

when paul edits the file, it becomes:
-rwxrwxr--    paul   ourgroup   /home/elvin/shared/myfile.txt

when major edits the file, it becomes:
-rwxrwxr--    major   ourgroup   /home/elvin/shared/myfile.txt

So whoever edits the file becomes the owner. I don't want that to happen. Why does Samba do it?
0
 
LVL 9

Expert Comment

by:majorwoo
ID: 9717623
Ahh, ok we were all on different pages here.  This I have never seen before:

can you paste your smb.conf here to lookover (granted it's large)
0
 

Author Comment

by:elvin226
ID: 9719275
Here it is:

; /etc/smb.conf
;
; Make sure to restart the server after making any changes.
; /etc/rc.d/init.d/smb stop
; /etc/rc.d/init.d/smb start

[global]
; Uncomment this if you want a guest account.
; guest account = nobody
log file = /var/log/samba.log
lock directory = /var/lock/samba
share modes = yes
encrypt passwords = yes
smb passwd file = /etc/smbpasswd

[homes]
comment = Home Directories
browseable = no
read only = no
force create mode = 0774

[shared]
comment = Shared Folder
path = /home1/elvin/shared
read only = no
force user = elvin
force create mode = 0770



Note that I defined a user parameter so that everytime the file is saved the owner would be me, granted that my assumption is correct, but as I said [shared] has never been used. It's always [homes].

-rwxrwx---    elvin     ourgroup    /home1/elvin/shared/myfile.txt
-rwxrwxr--    paul     ourgroup     /home1/elvin/shared/myfile.txt
-rwxrwxr--    major   ourgroup    /home1/elvin/shared/myfile.txt


0
 
LVL 12

Expert Comment

by:paullamhkg
ID: 9720227
force user (S)
This specifies a UNIX user name that will be assigned as the default user for all users connecting to this service. This is useful for sharing files. You should also use it carefully as using it incorrectly can cause security problems.

This user name only gets used once a connection is established. Thus clients still need to connect as a valid user and supply a valid password. Once connected, all file operations will be performed as the "forced user", no matter what username the client connected as. This can be very useful.

In Samba 2.0.5 and above this parameter also causes the primary group of the forced user to be used as the primary group for all file activity. Prior to 2.0.5 the primary group was left as the primary group of the connecting user (this was a bug).

See also

Default: no forced user

Example: force user = auser

So your file(s) should force to elvin upon you smb.conf.

If you using samba 3.x there is an option called username map have a look below

username map (G)
This option allows you to specify a file containing a mapping of usernames from the clients to the server. This can be used for several purposes. The most common is to map usernames that users use on DOS or Windows machines to those that the UNIX box uses. The other is to map multiple users to a single username so that they can more easily share files.

Have a check on the samba 3.x manual http://us1.samba.org/samba/docs/man/smb.conf.5.html.

But I'm still thinking there is bug in samba which make the problem you got.
0
 

Author Comment

by:elvin226
ID: 9737401
although the problem on file ownership has not been solved yet, the file sharing works--as long as the default permission gives modification privelege to group members.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Currently, there is not an RPM package available under the RHEL/Fedora/CentOS distributions that gives you a quick and easy way to allow PHP to interface with Oracle. As a result, I have included a set of instructions on how to do this with minimal …
Network Interface Card (NIC) bonding, also known as link aggregation, NIC teaming and trunking, is an important concept to understand and implement in any environment where high availability is of concern. Using this feature, a server administrator …
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now