Results 1 to 8 of 8

Thread: Samba lock problem

  1. #1

    Default Samba lock problem

    I replace Mandriva by openSUSE and since I can't write on my samba shares.
    I can create or remove files but not rewrite it. Smbstatus on samba server said no locked files even when a file is open on a share.

    On SUSE 11.1 cifs replace smbfs. Is there new option that I don't know ?

  2. #2
    PV NNTP User

    Default Re: Samba lock problem

    On Tue September 1 2009 08:36 am, infolab wrote:

    >
    > I replace Mandriva by openSUSE and since I can't write on my samba
    > shares.
    > I can create or remove files but not rewrite it. Smbstatus on samba
    > server said no locked files even when a file is open on a share.
    >
    > On SUSE 11.1 cifs replace smbfs. Is there new option that I don't know
    > ?
    >
    >

    infolab;

    It would help if we had a better idea of your Samba Network.

    1. Please post the contents of /etc/samba/smb.conf. You can use substitute
    values for any security/sensitive related settings.
    2. What are the Linux permissions on the files in question (i.e. those which
    you can not alter)
    3. Does this depend on any particular application that you use to alter the
    files?
    --
    P. V.
    "We're all in this together, I'm pulling for you." Red Green

  3. #3

    Default Re: Samba lock problem

    My smb.conf :

    #======================= Global Settings =====================================
    [global]

    # 1. Server Naming Options:

    workgroup = GTS
    netbios name = castor
    server string = Samba Server %v

    # 2. Printing Options:

    printcap name = cups
    load printers = yes
    printing = cups

    # 3. Logging Options:

    log file = /var/log/samba/%m.log
    max log size = 50
    log level = 3

    # 4. Security and Domain Membership Options:

    hosts allow = 192.168.0. 127.
    map to guest = never
    security = user
    encrypt passwords = yes
    smb passwd file = /etc/samba/smbpasswd
    passwd program = /usr/bin/passwd '%u'

    # 5. Browser Control and Networking Options:
    unix extensions = no
    socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
    local master = yes
    os level = 33
    domain master = yes
    preferred master = yes

    # 6. Domain Control Options:

    domain logons = yes
    logon script = logon.bat
    logon path = \\%L\Profiles\%U
    logon home = \\%L\%U\.profile
    add user script = /usr/sbin/useradd -s /bin/false '%u'
    delete user script = /usr/sbin/userdel '%s'
    add user to group script = /usr/bin/gpasswd -a '%u' '%g'
    delete user from group script = /usr/bin/gpasswd -d '%u' '%g'
    set primary group script = /usr/sbin/usermod -g '%g' '%u'
    add group script = /usr/sbin/groupadd %g && getent group '%g'|awk -F: '{print $3}'
    delete group script = /usr/sbin/groupdel '%g'

    # 7. Name Resolution Options:

    name resolve order = wins lmhosts bcast
    wins support = yes
    dns proxy = no

    # 8. File Naming Options:

    preserve case = yes
    short preserve case = yes
    default case = upper
    case sensitive = no
    dos charset = 850
    unix charset = UTF-8

    #============================ Share Definitions ==============================

    [homes]
    browseable = no
    writable = yes

    [agl]
    force create mode = 0664
    force directory mode = 0774
    inherit acls = yes
    inherit permissions = yes
    oplocks = no
    level2 oplocks = no
    path = /agl
    writable = yes
    valid users = +agl
    preserve case = no
    short preserve case = no
    default case = upper
    case sensitive = no

    [data]
    force create mode = 0664
    force directory mode = 0774
    inherit acls = yes
    inherit permissions = yes
    oplocks = no
    level2 oplocks = no
    path = /data
    writable = yes
    valid users = +gts,+agl
    preserve case = no
    short preserve case = no
    default case = lower
    case sensitive = no

    [test]
    force create mode = 0664
    force directory mode = 0774
    inherit acls = yes
    inherit permissions = yes
    oplocks = no
    level2 oplocks = no
    path = /test
    writable = yes
    force group = agl
    force user = advantage
    valid users = +agl
    preserve case = no
    short preserve case = no
    default case = lower
    case sensitive = no

    [user]
    force create mode = 0666
    force directory mode = 0777
    inherit acls = no
    inherit permissions = no
    oplocks = no
    level2 oplocks = no
    path = /user
    writable = yes
    valid users = +gts

    [media]
    force create mode = 0666
    force directory mode = 0777
    inherit acls = yes
    inherit permissions = yes
    oplocks = yes
    level2 oplocks = yes
    path = /multimedia
    writable = yes
    valid users = +gts

    [netlogon]
    comment = Network Logon Service
    path = /var/lib/samba/netlogon
    guest ok = no
    writable = no

    [Profiles]
    path = /var/lib/samba/profiles
    browseable = no
    guest ok = no
    writable = yes

    [printers]
    comment = All Printers
    path = /var/spool/samba
    browseable = no
    writable = no
    printable = yes
    create mode = 0700
    guest ok = no

    # =====================================
    # print command: see above for details.
    # =====================================
    print command = lpr-cups -P %p -o raw %s -r # using client side printer drivers.
    use client driver = yes

    [print$]
    path = /var/lib/samba/printers
    browseable = yes
    write list = @adm root
    guest ok = no
    inherit permissions = yes

  4. #4
    PV NNTP User

    Default Re: Samba lock problem

    On Wed September 2 2009 07:16 am, infolab wrote:

    >
    > My smb.conf :
    >
    > #======================= Global Settings
    > =====================================
    > [global]
    >
    > # 1. Server Naming Options:
    >
    > workgroup = GTS
    > netbios name = castor
    > server string = Samba Server %v
    >
    > # 2. Printing Options:
    >
    > printcap name = cups
    > load printers = yes
    > printing = cups

    ;inserted by P.V.
    cups option = raw
    >
    > # 3. Logging Options:
    >
    > log file = /var/log/samba/%m.log
    > max log size = 50
    > log level = 3

    ;Try this temporarily:
    log level = 1 auth:3
    >
    > # 4. Security and Domain Membership Options:
    >
    > hosts allow = 192.168.0. 127.
    > map to guest = never
    > security = user
    > encrypt passwords = yes
    > smb passwd file = /etc/samba/smbpasswd
    > passwd program = /usr/bin/passwd '%u'
    >
    > # 5. Browser Control and Networking Options:
    > unix extensions = no
    > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

    ; Try replacing the above by:
    socket options = TCP_NODELAY
    ;Modern kernels are much better able to optimize the Buffers and the last two
    ;are now generally thought as obsolete.

    > local master = yes
    > os level = 33

    ; I would set this as a higher number, say 65
    > domain master = yes
    > preferred master = yes
    >
    > # 6. Domain Control Options:
    >
    > domain logons = yes
    > logon script = logon.bat
    > logon path = \\%L\Profiles\%U
    > logon home = \\%L\%U\.profile
    > add user script = /usr/sbin/useradd -s /bin/false '%u'
    > delete user script = /usr/sbin/userdel '%s'
    > add user to group script = /usr/bin/gpasswd -a '%u' '%g'
    > delete user from group script = /usr/bin/gpasswd -d '%u' '%g'
    > set primary group script = /usr/sbin/usermod -g '%g' '%u'
    > add group script = /usr/sbin/groupadd %g && getent group '%g'|awk
    > -F: '{print $3}'
    > delete group script = /usr/sbin/groupdel '%g'
    >
    > # 7. Name Resolution Options:
    >
    > name resolve order = wins lmhosts bcast
    > wins support = yes
    > dns proxy = no
    >
    > # 8. File Naming Options:
    >
    > preserve case = yes
    > short preserve case = yes
    > default case = upper
    > case sensitive = no
    > dos charset = 850
    > unix charset = UTF-8
    >
    > #============================ Share Definitions
    > ==============================
    >
    > [homes]
    > browseable = no
    > writable = yes

    ;Add these to the [homes] section
    inherit acls = YES
    valid users = %S, %D%w%S
    >
    > [agl]
    > force create mode = 0664
    > force directory mode = 0774
    > inherit acls = yes
    > inherit permissions = yes
    > oplocks = no
    > level2 oplocks = no
    > path = /agl
    > writable = yes
    > valid users = +agl
    > preserve case = no
    > short preserve case = no
    > default case = upper
    > case sensitive = no
    >
    > [data]
    > force create mode = 0664
    > force directory mode = 0774
    > inherit acls = yes
    > inherit permissions = yes
    > oplocks = no
    > level2 oplocks = no
    > path = /data
    > writable = yes
    > valid users = +gts,+agl
    > preserve case = no
    > short preserve case = no
    > default case = lower
    > case sensitive = no
    >
    > [test]
    > force create mode = 0664
    > force directory mode = 0774
    > inherit acls = yes
    > inherit permissions = yes
    > oplocks = no
    > level2 oplocks = no
    > path = /test
    > writable = yes
    > force group = agl
    > force user = advantage
    > valid users = +agl
    > preserve case = no
    > short preserve case = no
    > default case = lower
    > case sensitive = no
    >
    > [user]
    > force create mode = 0666
    > force directory mode = 0777
    > inherit acls = no
    > inherit permissions = no
    > oplocks = no
    > level2 oplocks = no
    > path = /user
    > writable = yes
    > valid users = +gts
    >
    > [media]
    > force create mode = 0666
    > force directory mode = 0777
    > inherit acls = yes
    > inherit permissions = yes
    > oplocks = yes
    > level2 oplocks = yes
    > path = /multimedia
    > writable = yes
    > valid users = +gts
    >
    > [netlogon]
    > comment = Network Logon Service
    > path = /var/lib/samba/netlogon
    > guest ok = no
    > writable = no
    >
    > [Profiles]
    > path = /var/lib/samba/profiles
    > browseable = no
    > guest ok = no
    > writable = yes
    >
    > [printers]
    > comment = All Printers
    > path = /var/spool/samba

    ; try:
    path = /var/tmp
    > browseable = no
    > writable = no
    > printable = yes
    > create mode = 0700

    ;replace the above by:
    create mask = 600
    > guest ok = no
    >
    > # =====================================
    > # print command: see above for details.
    > # =====================================


    > print command = lpr-cups -P %p -o raw %s -r

    ; Remove the above, it should not be needed
    > # using client side printer drivers.
    > use client driver = yes
    >

    <snip>
    >
    >

    infolab;

    Above I've added some comments on your smb.conf. I don't think they have any
    relation to your problem but will tie up a few loose ends. In your original
    post you asked about locking. Nothing has changed here in a long time, so
    the problem is most likely a configuration/permission problem.

    1. Can you please respond to my other two questions? First what are the nix
    permissions on a file you can not alter (and the surrounding directory)
    post the results of:
    Code:
    ls -l <path to affected directory>
    e.g.
    ls -l /test
    I only want to see the permissions on the one file and directory that are
    problematic, so you can trim the results of the above is you want.
    Secondly does this depend on any particular application?

    2. I am thinking this may be a permission problem. In the above comments I
    suggested the following parameter in your smb.conf:
    Code:
    log level =1 auth:3
    This will suppress a lot of extra stuff in your logs and let you see how users
    are authenticating. You can find the logs in /var/log/samba. Look at the
    log for one of the clients (where the rewrite fails) to see if there is
    anything stands out. Remember that Samba must obey the "nix" permissions.

    3. In many of your shares you have:
    inherit permissions = yes.
    Setting this overrides the "force create mode", force directory mode and any
    masks/modes. So unless the surrounding directory has the correct permissions
    the permissions on the files you create may not be correct.

    4. While your try to solve this, you should try working with just one share
    at a time. I am guessing that [test] would be a good choice and that this
    was added for trouble shooting. Try a share like this to see if things work
    out.
    Code:
    [test]
    force create mode        = 0775
    force directory mode = 2775
    inherit acls     = yes
    path             = /test
    writable                 = yes
    force group              = agl
    force user               = advantage
    If you do not want to change your current [test], just alter the name and path
    to your liking and add it to /etc/samba/smb.conf. After we get a working
    share you can add back parameters until it breaks and then back off.

    5. Lastly, some recent Samba releases had a bug with "force group". I don't
    think that this applies here, but just for completeness can you post the
    results of:
    Code:
    smbd -V
    If you have any concerns about the parameters I've suggested you can view
    details with:
    man smb.conf

    You should also check your configuration file with:
    Code:
    testparm /etc/samba/smb.conf




    --
    P. V.
    "We're all in this together, I'm pulling for you." Red Green

  5. #5

    Default Re: Samba lock problem

    Don't forget : I can read and write in my shares. I can't only rewrite.
    I have no problem with Windows XP. I have only problem with Linux when cifs is used.
    Samba version is 3.0.24.

  6. #6
    PV NNTP User

    Default Re: Samba lock problem

    On Thu September 3 2009 08:46 am, infolab wrote:

    >
    > Don't forget : I can read and write in my shares. I can't only rewrite.
    > I have no problem with Windows XP. I have only problem with Linux when
    > cifs is used.
    > Samba version is 3.0.24.
    >
    >

    infolab;
    Are you saying that only Linux clients have this problem but not XP clients
    when accessing your openSuSE 11.1 server?

    I'm still interested in the answers to my questions. If the sticky bit is set
    on a directory, files can only be removed by the owner. Applications such as
    Word or OpenOffice will first create a new copy, and then delete the old copy
    and rename the edited file. If you can not delete a file, you can not edit
    it.
    --
    P. V.
    "We're all in this together, I'm pulling for you." Red Green

  7. #7

    Default Re: Samba lock problem

    I think the problem is between cifs and the samba server version.
    I have no problem with XP. With Linux cifs, I can write or delete a file but not rewrite a file. I try to set uid and gid in the mount, but this does'nt remove the problem.
    My samba server is a Mandriva 2008 server

  8. #8

    Default Re: Samba lock problem

    I solve my problem upgrading my samba server to version 3.4.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •