I replace Mandriva by openSUSE and since I can’t write on my samba shares.
I can create or remove files but not rewrite it. Smbstatus on samba server said no locked files even when a file is open on a share.

On SUSE 11.1 cifs replace smbfs. Is there new option that I don’t know ?

On Tue September 1 2009 08:36 am, infolab wrote:

>
> I replace Mandriva by openSUSE and since I can’t write on my samba
> shares.
> I can create or remove files but not rewrite it. Smbstatus on samba
> server said no locked files even when a file is open on a share.
>
> On SUSE 11.1 cifs replace smbfs. Is there new option that I don’t know
> ?
>
>
infolab;

It would help if we had a better idea of your Samba Network.

1. Please post the contents of /etc/samba/smb.conf. You can use substitute
   values for any security/sensitive related settings.
2. What are the Linux permissions on the files in question (i.e. those which
   you can not alter)
3. Does this depend on any particular application that you use to alter the
   files?
   –
   P. V.
   “We’re all in this together, I’m pulling for you.” Red Green

My smb.conf :

#======================= Global Settings =====================================
[global]

1. Server Naming Options:

workgroup	  = GTS
netbios name  = castor
server string = Samba Server %v

2. Printing Options:

printcap name = cups
load printers = yes
printing 	  = cups

3. Logging Options:

log file 	 = /var/log/samba/%m.log
max log size = 50
log level	 = 3

4. Security and Domain Membership Options:

hosts allow 	= 192.168.0. 127.
map to guest 	= never
security 		= user
encrypt passwords	= yes
smb passwd file	= /etc/samba/smbpasswd
passwd program 	= /usr/bin/passwd '%u'

5. Browser Control and Networking Options:

unix extensions 	= no
socket options  	= TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
local master	= yes
os level		= 33
domain master	= yes 
preferred master 	= yes

6. Domain Control Options:

domain logons = yes
logon script  = logon.bat
logon path    = \\%L\Profiles\%U
logon home    = \\%L\%U\.profile
add user script 			= /usr/sbin/useradd -s /bin/false '%u'
delete user script			= /usr/sbin/userdel '%s'
add user to group script 		= /usr/bin/gpasswd -a '%u' '%g'
delete user from group script	= /usr/bin/gpasswd -d '%u' '%g'
set primary group script		= /usr/sbin/usermod -g '%g' '%u'
add group script			= /usr/sbin/groupadd %g && getent group '%g'|awk -F: '{print $3}'
delete group script 		= /usr/sbin/groupdel '%g'

7. Name Resolution Options:

name resolve order  = wins lmhosts bcast
wins support 	= yes
dns proxy 		= no

8. File Naming Options:

preserve case 	= yes
short preserve case = yes
default case 	= upper
case sensitive 	= no
dos charset		= 850
unix charset	= UTF-8 

#============================ Share Definitions ==============================

[homes]
browseable = no
writable = yes

[agl]
force create mode = 0664
force directory mode = 0774
inherit acls = yes
inherit permissions = yes
oplocks = no
level2 oplocks = no
path = /agl
writable = yes
valid users = +agl
preserve case = no
short preserve case = no
default case = upper
case sensitive = no

[data]
force create mode = 0664
force directory mode = 0774
inherit acls = yes
inherit permissions = yes
oplocks = no
level2 oplocks = no
path = /data
writable = yes
valid users = +gts,+agl
preserve case = no
short preserve case = no
default case = lower
case sensitive = no

[test]
force create mode = 0664
force directory mode = 0774
inherit acls = yes
inherit permissions = yes
oplocks = no
level2 oplocks = no
path = /test
writable = yes
force group = agl
force user = advantage
valid users = +agl
preserve case = no
short preserve case = no
default case = lower
case sensitive = no

[user]
force create mode = 0666
force directory mode = 0777
inherit acls = no
inherit permissions = no
oplocks = no
level2 oplocks = no
path = /user
writable = yes
valid users = +gts

[media]
force create mode = 0666
force directory mode = 0777
inherit acls = yes
inherit permissions = yes
oplocks = yes
level2 oplocks = yes
path = /multimedia
writable = yes
valid users = +gts

[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon
guest ok = no
writable = no

[Profiles]
path = /var/lib/samba/profiles
browseable = no
guest ok = no
writable = yes

[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
writable = no
printable = yes
create mode = 0700
guest ok = no

=====================================

print command: see above for details.

=====================================

print command 	= lpr-cups -P %p -o raw %s -r   # using client side printer drivers.
use client driver 	= yes

[print$]
path = /var/lib/samba/printers
browseable = yes
write list = @adm root
guest ok = no
inherit permissions = yes

On Wed September 2 2009 07:16 am, infolab wrote:

>
> My smb.conf :
>
> #======================= Global Settings
> =====================================
> [global]
>
> # 1. Server Naming Options:
>
> workgroup = GTS
> netbios name = castor
> server string = Samba Server %v
>
> # 2. Printing Options:
>
> printcap name = cups
> load printers = yes
> printing = cups
;inserted by P.V.
cups option = raw
>
> # 3. Logging Options:
>
> log file = /var/log/samba/%m.log
> max log size = 50
> log level = 3
;Try this temporarily:
log level = 1 auth:3
>
> # 4. Security and Domain Membership Options:
>
> hosts allow = 192.168.0. 127.
> map to guest = never
> security = user
> encrypt passwords = yes
> smb passwd file = /etc/samba/smbpasswd
> passwd program = /usr/bin/passwd ‘%u’
>
> # 5. Browser Control and Networking Options:
> unix extensions = no
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
; Try replacing the above by:
socket options = TCP_NODELAY
;Modern kernels are much better able to optimize the Buffers and the last two
;are now generally thought as obsolete.

> local master = yes
> os level = 33
; I would set this as a higher number, say 65
> domain master = yes
> preferred master = yes
>
> # 6. Domain Control Options:
>
> domain logons = yes
> logon script = logon.bat
> logon path = \%L\Profiles%U
> logon home = \%L%U.profile
> add user script = /usr/sbin/useradd -s /bin/false ‘%u’
> delete user script = /usr/sbin/userdel ‘%s’
> add user to group script = /usr/bin/gpasswd -a ‘%u’ ‘%g’
> delete user from group script = /usr/bin/gpasswd -d ‘%u’ ‘%g’
> set primary group script = /usr/sbin/usermod -g ‘%g’ ‘%u’
> add group script = /usr/sbin/groupadd %g && getent group ‘%g’|awk
> -F: ‘{print $3}’
> delete group script = /usr/sbin/groupdel ‘%g’
>
> # 7. Name Resolution Options:
>
> name resolve order = wins lmhosts bcast
> wins support = yes
> dns proxy = no
>
> # 8. File Naming Options:
>
> preserve case = yes
> short preserve case = yes
> default case = upper
> case sensitive = no
> dos charset = 850
> unix charset = UTF-8
>
> #============================ Share Definitions
> ==============================
>
> [homes]
> browseable = no
> writable = yes
;Add these to the [homes] section
inherit acls = YES
valid users = %S, %D%w%S
>
> [agl]
> force create mode = 0664
> force directory mode = 0774
> inherit acls = yes
> inherit permissions = yes
> oplocks = no
> level2 oplocks = no
> path = /agl
> writable = yes
> valid users = +agl
> preserve case = no
> short preserve case = no
> default case = upper
> case sensitive = no
>
> [data]
> force create mode = 0664
> force directory mode = 0774
> inherit acls = yes
> inherit permissions = yes
> oplocks = no
> level2 oplocks = no
> path = /data
> writable = yes
> valid users = +gts,+agl
> preserve case = no
> short preserve case = no
> default case = lower
> case sensitive = no
>
> [test]
> force create mode = 0664
> force directory mode = 0774
> inherit acls = yes
> inherit permissions = yes
> oplocks = no
> level2 oplocks = no
> path = /test
> writable = yes
> force group = agl
> force user = advantage
> valid users = +agl
> preserve case = no
> short preserve case = no
> default case = lower
> case sensitive = no
>
> [user]
> force create mode = 0666
> force directory mode = 0777
> inherit acls = no
> inherit permissions = no
> oplocks = no
> level2 oplocks = no
> path = /user
> writable = yes
> valid users = +gts
>
> [media]
> force create mode = 0666
> force directory mode = 0777
> inherit acls = yes
> inherit permissions = yes
> oplocks = yes
> level2 oplocks = yes
> path = /multimedia
> writable = yes
> valid users = +gts
>
> [netlogon]
> comment = Network Logon Service
> path = /var/lib/samba/netlogon
> guest ok = no
> writable = no
>
> [Profiles]
> path = /var/lib/samba/profiles
> browseable = no
> guest ok = no
> writable = yes
>
> [printers]
> comment = All Printers
> path = /var/spool/samba
; try:
path = /var/tmp
> browseable = no
> writable = no
> printable = yes
> create mode = 0700
;replace the above by:
create mask = 600
> guest ok = no
>
> # =====================================
> # print command: see above for details.
> # =====================================

> print command = lpr-cups -P %p -o raw %s -r
; Remove the above, it should not be needed
> # using client side printer drivers.
> use client driver = yes
>
<snip>
>
>
infolab;

Above I’ve added some comments on your smb.conf. I don’t think they have any
relation to your problem but will tie up a few loose ends. In your original
post you asked about locking. Nothing has changed here in a long time, so
the problem is most likely a configuration/permission problem.

1. Can you please respond to my other two questions? First what are the nix
   permissions on a file you can not alter (and the surrounding directory)
   post the results of:

ls -l <path to affected directory>
e.g.
ls -l /test

I only want to see the permissions on the one file and directory that are
problematic, so you can trim the results of the above is you want.
Secondly does this depend on any particular application?

2. I am thinking this may be a permission problem. In the above comments I
   suggested the following parameter in your smb.conf:

log level =1 auth:3

This will suppress a lot of extra stuff in your logs and let you see how users
are authenticating. You can find the logs in /var/log/samba. Look at the
log for one of the clients (where the rewrite fails) to see if there is
anything stands out. Remember that Samba must obey the “nix” permissions.

3. In many of your shares you have:
   inherit permissions = yes.
   Setting this overrides the “force create mode”, force directory mode and any
   masks/modes. So unless the surrounding directory has the correct permissions
   the permissions on the files you create may not be correct.

4. While your try to solve this, you should try working with just one share
   at a time. I am guessing that [test] would be a good choice and that this
   was added for trouble shooting. Try a share like this to see if things work
   out.

[test]
force create mode        = 0775
force directory mode = 2775
inherit acls     = yes
path             = /test
writable                 = yes
force group              = agl
force user               = advantage

If you do not want to change your current [test], just alter the name and path
to your liking and add it to /etc/samba/smb.conf. After we get a working
share you can add back parameters until it breaks and then back off.

5. Lastly, some recent Samba releases had a bug with “force group”. I don’t
   think that this applies here, but just for completeness can you post the
   results of:

smbd -V

If you have any concerns about the parameters I’ve suggested you can view
details with:
man smb.conf

You should also check your configuration file with:

testparm /etc/samba/smb.conf

–
P. V.
“We’re all in this together, I’m pulling for you.” Red Green

Don’t forget : I can read and write in my shares. I can’t only rewrite.
I have no problem with Windows XP. I have only problem with Linux when cifs is used.
Samba version is 3.0.24.

On Thu September 3 2009 08:46 am, infolab wrote:

>
> Don’t forget : I can read and write in my shares. I can’t only rewrite.
> I have no problem with Windows XP. I have only problem with Linux when
> cifs is used.
> Samba version is 3.0.24.
>
>
infolab;
Are you saying that only Linux clients have this problem but not XP clients
when accessing your openSuSE 11.1 server?

I’m still interested in the answers to my questions. If the sticky bit is set
on a directory, files can only be removed by the owner. Applications such as
Word or OpenOffice will first create a new copy, and then delete the old copy
and rename the edited file. If you can not delete a file, you can not edit
it.

P. V.
“We’re all in this together, I’m pulling for you.” Red Green

I think the problem is between cifs and the samba server version.
I have no problem with XP. With Linux cifs, I can write or delete a file but not rewrite a file. I try to set uid and gid in the mount, but this does’nt remove the problem.
My samba server is a Mandriva 2008 server

I solve my problem upgrading my samba server to version 3.4.