Solved

Samba Server & Client see share permissions differently

Posted on 2004-09-23
6
183 Views
Last Modified: 2010-03-18
On client, login as root, and mount a server's share:

mount -t smbfs -o username=adam,password=bar //192.168.0.23/stores /mnt/server

cd /mnt/server

ls -al

drwxr-xr-x      1   root    root    4096 Sep 23 10:50   .  
drwxr-xr-x      1   root    root    4096 Sep 19 07:33   . .

touch fromroot

ls -al

drwxr-xr-x      1   root    root    4096 Sep 23 10:50   .  
drwxr-xr-x      1   root    root    4096 Sep 19 07:33   . .
 rwxr-xr-x      1   root    root    4096 Sep 23 10:53   fromroot


On the client, exit and login as foo. The share is still mounted, but you can unmount and re-mount it if you want - foo is a member of group root and also a sudoer.

Either way, try to create a file:

cd /mnt/server

touch fromfoo

touch: creating `fromfoo': Permission denied.

Well, sure, that makes sense, after all the directory is owned by root, and it's 755, so only root can write on it...

But, does the directory really belong to root? The server doesn't think so, because if you look at that directory on the server (instead of from the client), you see:

drwxrwxrwx      8   foo    managers    4096 Sep 23 10:50   /usr/data/stores  

Is this caused by the serve or the client? I'm inclined to believe it's the client, because we CAN create a file from a W98 client.

What setup on server and/or client do we need in order to be able to see the "real" permissions - or if we can't do that, what do we do other than being root to be able to create files on the server's share?
0
Comment
Question by:markofenstein
6 Comments
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 12136569
The problem is that /mnt/server is owned by root and 755 on the client system.

If foo is the only user mounting this share, /mnt/server should be owned by foo.

Otherwise, each user mounting this share should have their own directory, owned by them, to mount it to.
0
 

Author Comment

by:markofenstein
ID: 12138166
> The problem is that /mnt/server is owned by root and 755 on the client system.
>
> If foo is the only user mounting this share, /mnt/server should be owned by foo.
>
>Otherwise, each user mounting this share should have their own directory, owned by them, to mount it to.

No, actually the /mnt/server IS owned by foo on the client (and is 777) - at least until it's mounted, then it suddenly belongs to root (and 755), even though it's also owned by foo (and 777) on the server as well.


0
 

Author Comment

by:markofenstein
ID: 12139943
I think I've solved this one...  or at least found a workaround

mount -t smbfs -o username=adam,password=bar,uid=foo,gid=managers //192.168.0.23/stores /mnt/server

This doesn't fix the permissions, but at least it lets foo own it.
0
 
LVL 2

Expert Comment

by:garak1357
ID: 12375145
You can't fix the permissions the way you want to.  When you mount a share, you're basicly setting three sets of permissions on one directory.  The first set is the owner of the directory before it was mounted.  The second (and really most important as you found out) is the user who mounted the share.  The third are the permissions set on the remote share you mounted.

Personally, I create a Samba group for mounting shares.  It makes managing permissions much easier.  I pulled my hair out a year ago trying to learn the ins and outs of the problems you are running into.  For an OS that is as logical as Linux, this samba mounting thing is screwy.  Good luck.
0
 

Accepted Solution

by:
CetusMOD earned 0 total points
ID: 16238614
PAQed with points refunded (500)

CetusMOD
Community Support Moderator
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Suggested Solutions

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now