permissions in samba (linux-->windows)

hi, i have a linux host and a windows client connected with samba, and it works fine (it took me sooooo long to figure out how to network my two babies… i was a proud father). anyway the strange thing is that files that go from the pc to linux are always read-only, and i have to chown them. it’s no big deal because it works, but i was wondering if anybody can tell me what’s going on… maybe i missed a thread somewhere in this forum.

i suspect it has to do with the fact that samba is configured as “root”, and so all files that are copied to the shared folder (from the pc to linux) enter with root permissions… i don’t even know how i did this, or if i’m even making sense lol!

On Wed February 11 2009 11:36 pm, monoRhesus wrote:

>
> hi, i have a linux host and a windows client connected with samba, and
> it works fine (it took me sooooo long to figure out how to network my
> two babies… i was a proud father). anyway the strange thing is that
> files that go from the pc to linux are always read-only, and i have to
> chown them. it’s no big deal because it works, but i was wondering if
> anybody can tell me what’s going on… maybe i missed a thread somewhere
> in this forum.
>
> i suspect it has to do with the fact that samba is configured as
> “root”, and so all files that are copied to the shared folder (from the
> pc to linux) enter with root permissions… i don’t even know how i did
> this, or if i’m even making sense lol!
>
>
monoRhesus;
It might help if you can:

  1. Post the contents of the /etc/samba/smb.conf [Global] section.
  2. Post the contents of the [share] in question, from the same file.
  3. Post the Linux owner and permissions of the the shared directory.

Of course, you can use substitute values for any sensitive information in the
[Global] section such as public IPs.

Without having seen any of the above, my first guess is you may only need to
add the following parameters to the share:


force create mode
force directory mode

For the use of these parameters see:


man smb.conf


P. V.
“We’re all in this together, I’m pulling for you.” Red Green

hi pv, here’s the additional info you asked for (and sorry for posting an incomplete question :|)

[global]
workgroup = enlinux
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
map to guest = Bad User
include = /etc/samba/dhcp.conf
logon path = \%L\profiles.msprofile
logon home = \%L%U.9xprofile
logon drive = P:
usershare allow guests = Yes
add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$
domain logons = Yes
domain master = Yes
security = user
usershare max shares = 100
idmap gid = 10000-20000
idmap uid = 10000-20000
local master = Yes
os level = 65
preferred master = Yes

[share]
[enlinux]
inherit acls = Yes
path = /home/monorhesus/public_html
read only = No

The permissions for the shared folder are:
drwxrwxrwx 3 monorhesus users (date and time) public_html/

Is this what you asked for? As you can see the sharing folder is ‘read only = no’… Any light please?

Thanks,

re: the force create mode and force directory mode, the man file says the syntax needs an octal parameter… the share folder is already set to 777… which parameter would you suggest? or don’t i need any?

thanks

You’ve really only got a workgroup scenario with the two computers. You have it configured as a Primary Domain Controller. Better to change it to a workgroup config by opening smb.conf in a text editor and changing the [global] stanza to this (copy/paste will do it in a flash):

[global]
workgroup = enlinux
netbios name = NETWORK_NAME_OF_YOUR_CHOICE
name resolve order = bcast host lmhosts wins
map to guest = Bad User
local master = yes
preferred master = yes
os level = 65
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
load printers = yes
use client driver = yes
server string = ""

While you’re there, remove this line: [share] (it is undefined and will be a non-functioning icon in your network browser)

And then your share would work well if it was structured like this:

[enlinux]
path = /home/monorhesus/public_html
read only = No
force user = monorhesus

If you want it to be a share only for all users who can supply username and password, make it as above and chmod the directory permissions back to 755:

chmod -R  755 /home/monorhesus/public_html

If you want it to be read-write accessible to the world (to guests), leave the directory permissions at 777 and add this line into the stanza for [enlinux]:

guest ok = yes

Sorry I forgot to add that the share version 1 (no guests) will be accessible only to users who are real users on the Linux machine and who have been added to the samba user database; e.g. monorhesus. To add users to the database you open a console and enter commands this command, one each for each user you wish to add:

sudo smbpasswd -a monorhesus

Luck to you

On Sat February 14 2009 12:36 pm, monoRhesus wrote:

>
> re: the force create mode and force directory mode, the man file says
> the syntax needs an octal parameter… the share folder is already set
> to 777… which parameter would you suggest? or don’t i need any?
>
> thanks
>
>
monoRhesus;

I see that swerdna replied; follow him on this. The force user parameter
should do everything you need without resorting to the force create
[directory] mode.

P. V.
“We’re all in this together, I’m pulling for you.” Red Green

swerdna and pv, thanks so much for your help. after some days knocked out with a flu i could finally try out your suggestions, and they worked!

again thanks so much for taking the time to suggest solutions. as pv said, i did not have to resort to the force create step.

On Fri February 20 2009 05:56 pm, monoRhesus wrote:

>
> swerdna and pv, thanks so much for your help. after some days knocked
> out with a flu i could finally try out your suggestions, and they
> worked!
>
> again thanks so much for taking the time to suggest solutions. as pv
> said, i did not have to resort to the force create step.
>
>
monoRhesus;

Glad to help. Hope you are over your human virus.

P. V.
“We’re all in this together, I’m pulling for you.” Red Green