no write permission on cifs mount

I am trying to cifs mount a remote samba mount: //OHPRSstorage/marks on local folder /mnt/tmp. No matter what I try, when a local user tries to create a file in /mnt/tmp he gets the message:

$ touch /mnt/tmp/wertwet
touch: cannot touch `/mnt/tmp/wertwet': Permission denied

However, it does create the file (so why does it say permission denied?) but with permissions:

$ ls -l /mnt/tmp/wertwet
-rw-r----- 1 ohprso ohprs  0 2013-06-05 00:44 wertwet

The user cannot modify the file, but if the file's group permissions are changed to rw, the user can then modify the file.

On the local host I have tried:

mount.cifs //OHPRSstorage/marks /mnt/tmp -o rw,guest,uid=ohprso,gid=ohprs,file_mode=0660,dir_mode=0771

mount.cifs //OHPRSstorage/marks /mnt/tmp -o rw,username=nobody,guest,uid=ohprso,gid=ohprs,file_mode=0660,dir_mode=0771

and numerous other permutations.

On the OHPRSstorage host, the smb.conf entries are

netbios name = OHPRSSTORAGE
   workgroup = WORKGROUP
   security = share
   hosts allow = 192.168.0. 127.
load printers = no
printcap name = /dev/null
printing = bsd
disable spoolss = yes
   log file = /var/log/samba.%m
   max log size = 50
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
   dns proxy = no

path = /mnt/hd
public = yes
guest ok = yes
guest only = yes
writeable = yes
browseable= yes
printable = no
create mask = 0660
force create mode = 0660
directory mask = 0771

Open in new window

the target directory OHPRSstorage:/mnt/hd has the following permissions:

drwxrwxrwx 2 nobody nogroup 4096 2013-06-05 00:48 hd/

I'm using Samba version 3.5.8 and mount.cifs version 5.6

I've been working on this for 2 days and am completely out of ideas. How can I get files created on the cifs mount to have 0660 permissions, not 0640?
Who is Participating?

Improve company productivity with a Business Account.Sign Up

jmarkfoleyConnect With a Mentor Author Commented:
Problem solved. As I thought, the resolution is to use NFS, not CIFS. CIFS works great for Windows mounting samba -- it even gives it the 0660/0771 permissions that I specifiy in the smb.conf file. Unix-to-Unix, however, is another story. After doing more googling I've found that numerous people have the same problem trying to cifs mount a remote unix folder on unix. None of these threads I've perused have any resolution. I finally tried NFS and it seems to work just fine. Here's my solution:

On the hosting computer: I have a md RAID filesystem mounted at /mnt/RAID. This filesystem contains several directories, one of which is 'n'.

In the hosting /etc/exports I added the entry:

You can read the exports man page for details on these options, but basically, the 'squash' options cause any connecting user (including root) to re-map to the "anonymous" user's id and group. The anaonuid and anongid options specify what the anonymous user's uid and gid, respectively, will be. These ids correspond to a particular user and group on the remote connecting computers AND, most importantly, they correspond the the user and group of the 'guest' account specified in the local smb.conf. This way, whether a user is connecting from a Windows workstation using samba, or a linux host using nfs, they will all access this mount as the same user/group.

Finally, on the hosting computer, I made /etc/rc.d/rc.nfsd executable and ran:
/etc/rc.d/rc.nfsd start

On the remote, mounting host:
I added the following to /etc/fstab, where "ohprsstorage" is the hostname of the hosting computer:

ohprsstorage:/mnt/RAID/n   /mnt/n     nfs  nfsvers=3,rw   0  0

I made /etc/rc.d.rc.rpc executable and ran:

$ /etc/rc.d/rc.rpc start
$ mount /mnt/n

It all seems to be working fine. My user's umask on the remote mounting host is 0007, and files I create on the nfs mounted directory get created with 0664 (I still want 0660, but no big deal for the moment), and with the userid and groupid specified in the exports file. No 'permission denied' or 0640 permissions making it impossible for me to create or update files. I have group r/w permissions for the 10001.301 user so only linux users with group permission can access the nfs mounted files ... just like a real Unix filesystem!

I'll leave this open a bit longer for any final thought, refutations, smirks, etc.
jmarkfoleyAuthor Commented:
Some progress. I'm beginning to assume that the default 'guest' account specified in smb.conf -- which defaults to nobody.nogroup -- is for guest/read-ony access only (although I was able to create the file despite the permission denied message). Can someone confirm?

I've changed the hosting computer's smb.conf to add the line:

guest account = ohprso

and I've added an ohprso user to the hosting computer. I then did

$ chown -R ohprso /mnt/hd       # this is the samba path

on the hosting computer.

On the local computer, I did:

mount.cifs //OHPRSstorage/marks -o rw,user=ohprso,guest,gid=ohprs,file_mode=0660 /mnt/tmp

This actually allows users to create and modify files with no permission denied mesage.  HOWEVER, it *STILL* ignores the file_mode=0660 in the mount.cifs command and the create mask = 0660 in the smb.conf, and continues to create the files with 0640!!!! The user can chmod g+w successfully, but this is not desirable. If I also specify uid=whoever it puts me back to the permission denied status.

Still need help on this. How to get 0660 permissions? Why is file_mode and create mask ignored?
jmarkfoleyAuthor Commented:
I'm wrong. the uid for ohprso on the remote computer happened to correspond to the uid for the local user, therefore the files got created by the local user. If a different local user tried to create the file, same permission denied message. So, back to square one.

I'm beginning to think Samba doesn't really work as advertised.
Build your data science skills into a career

Are you ready to take your data science career to the next step, or break into data science? With Springboard’s Data Science Career Track, you’ll master data science topics, have personalized career guidance, weekly calls with a data science expert, and a job guarantee.

What's the log file say?
Try echo x > file instead of touch file.
Maybe the error message comes from the fact that the program can create the file, but cannot change the timestamp.
This won't solve your main issue, but explain one of the mysteries.
jmarkfoleyAuthor Commented:
DrDamnit: > What's the log file say?

No entry at all.

msifox: I tried echo and was kicked out immediately with Permission denied. It did create the empty file though. I also tried emacs and likewise, it would not save the file, but did create it. In both cases 0640 permissions.

If I have the same uid on the local host as the guest account's on the samba host, it can read and write the files, but still with 0640 even though I believe 0660 is specified everywhere.

The requirement seems simple: do a samba mount that anyone can read/write w/o having to have all users listed in the remote password file.

I'm thinking of reverting to nfs!
jmarkfoleyAuthor Commented:
I figured out a solution.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.