Mark
asked on
Samba4 - users cannot modify files in samba mount
More samba 4 woes. I've ugraded to Slackware-64 14.1 and samba 4.1.0. I had to make some changes to the smb.conf file to get mounts without userID or password. Now, users can create files on the share, but can't modify existing files having a different user. For example, on Linux:
> ls -l EventsCalendar.jsp OpenWith.reg
-rw-rw---- 1 mfoley ohprs 4638 2015-05-28 14:24 EventsCalendar.jsp
-rw-rw---- 1 ohprso ohprs 144 2015-06-08 10:48 OpenWith.reg
The Windows user dragged the OpenWith.reg file to the mapped drive, no problem. But the user cannot edit the EventsCalendar.jsp, even though it is group writable. If I change the owner to ohprso, the Windows user can then edit EventsCalendar.jsp - on Linux, users with ohprso group membership can edit the file.
Need to figure out how to get Samba to pay attention to the group permissions.
Smb.conf:
ohprso:x:1001:301:OHPRS Web User:/srv/tomcat/webapps/o hprs/downl oads:/bin/ bash
guest:x:1001:301:Samba guest account:/dev/null:/bin/fal se
Any ideas?
> ls -l EventsCalendar.jsp OpenWith.reg
-rw-rw---- 1 mfoley ohprs 4638 2015-05-28 14:24 EventsCalendar.jsp
-rw-rw---- 1 ohprso ohprs 144 2015-06-08 10:48 OpenWith.reg
The Windows user dragged the OpenWith.reg file to the mapped drive, no problem. But the user cannot edit the EventsCalendar.jsp, even though it is group writable. If I change the owner to ohprso, the Windows user can then edit EventsCalendar.jsp - on Linux, users with ohprso group membership can edit the file.
Need to figure out how to get Samba to pay attention to the group permissions.
Smb.conf:
[global]
netbios name = WEBSERVER
workgroup = WORKGROUP
security = user
map to guest = Bad User
hosts allow = 192.168.0. 127.
guest account = guest
passdb backend = tdbsam
[website]
comment = OHPRS Website download files
path = /srv/tomcat/webapps/ohprs
public = yes
guest ok = yes
guest only = yes
writeable = yes
browseable= yes
printable = no
create mask = 0660
directory mask = 0771
User guest is mapped to user ohprso, /etc/passwd:ohprso:x:1001:301:OHPRS Web User:/srv/tomcat/webapps/o
guest:x:1001:301:Samba guest account:/dev/null:/bin/fal
Any ideas?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks to it4soho for the detailed response
ASKER
ohprs:x:301:mfoley
Yes, I could solve this problem by doing as you suggested and changing all the files in that directory hierarchy to be owned by ohprso, but I really don't want to do that. Linux users access that directory for making jsp program updates (which the Windows users don't really do) and for creating new jsp programs. These files get created using the Linux user's ID -- which is what I want. As you can see from the /etc/group entry for ohprs, linux user mfoley is a member of that group and can update any file as long as it has group rw permission.
As you can see from the `ls -l` in my initial posting, these files do have group rw. So, no issues at all when accessing from Linux.
The problem is that Samba should also let the Windows user update files that are g+rw and are in group ohprs -- which the Samba user[s] are. So it appears that Samba is not honoring the group permissions.
This is only true since I a) changed to Samba 4.1.0 and b) modified the smb.conf file to add:
security = user
map to guest = Bad User
I did that because the Samba 3.5.8 worked with the following, which didn't work under Samaber 4.1.0
security share
So, there must be a way to get Samba 4.0.1 to honor the Linux group permission?