I have a samba share mounted locally as /mnt/sharefolder, but I’m a bit confused about the permissions.
I created the folder as root and mounted the share. I could read as a normal user, but couldn’t write. So I ran “chmod 777 /mnt/share” and I can make new folders and modify files, but I can’t rename or create symlinks. It’s almost like I don’t actually have full read/write of this folder.
Should I change the owner of the folder? If so, to which owner/group?
Should I change the folder and it’s child folder’s permissions?
Or did I do something wrong with the share mount command?
sudo mount -t cifs -o guest //192.168.1.100/syncdrive /mnt/sharefolder
You mentioned problems with symlinks. The default settings in smb.conf limits the use of symlinks outside the exported
directory. You should read the manual for smb.conf in regards to the usage and default values for these four parameters:
That explains it. But that link provided didn’t help much. It still doesn’t tell me if it’s a permissions issue with the folders on the external share drive or the fact I’m logging in as a guest, which the samba config file allows (on the samba server).
I can create folders, files, and my guest user has full rights over that. But Existing folders cannot be renamed.
Also, despite my last thread, I’m on OpenSUSE 13.1 now. Tumbleweed had too many kernel issues for me.
On 6/2/2014 10:46 AM, DupermanDave wrote:
>
<snip>
>
> That explains it. But that link provided didn’t help much. It still
> doesn’t tell me if it’s a permissions issue with the folders on the
> external share drive or the fact I’m logging in as a guest, which the
> samba config file allows (on the samba server).
>
> I can create folders, files, and my guest user has full rights over
> that. But Existing folders cannot be renamed.
>
>
DupermanDave;
It might help if you posted the contents of /etc/samba/smb.conf. You can use substitute values for any sensitive items.
It would also be interesting to see the results of:
ls -ld <path/to/exported/directory>
If you are using symlinks also the above command using the /path/of/the/linked/directory(or file).
If you add the following parameter to /etc/samba/smb.conf you can see in /var/log/samba/log.smbd exactly how you are
authenticating.
log level = 0 auth:3
Be sure to comment out or delete the above line when you are done testing to keep you log file under control.
P.V.
“We’re all in this together, I’m pulling for you” Red Green
Here’s a few of the important bits from the smb.conf file. It has all the default comments and junk, so I just copied some of it. Is there anything missing you guys need? I can post the full thing on pastebin.
On 6/3/2014 9:36 PM, DupermanDave wrote:
<snip>
>
> Here’s a few of the important bits from the smb.conf file. It has all
> the default comments and junk, so I just copied some of it. Is there
> anything missing you guys need? I can post the full thing on pastebin.
>
>
> Code:
> --------------------
>
> security = share
> guest account = nobody
> map to guest = nobody
>
<snip>
[quote=DupermanDave]
I’m on Opensuse tumbleweed, upgraded from 13.1.
[/qoute]
openSuse 13.1 was released with Samba4 which does not support security = share. It’s been depreciated for some time and
is now gone. guest account = nobody is the default, but there is no harm in setting it. map to guest = nobody is not
now or never was correct. Try:
map to guest = Bad User
You should read over Swerdna’s HowTo: http://www.swerdna.net.au/suselanprimer.html. It’s old but with perhaps some
cosmetic changes in YaST2 and openSUSE it should still be valid. Of course the rc commands have been replaced by
systemd but I think still work.
Comment out the security parameter and change the “map to guest” parameter and see if things work better. As an aside
you can check the actual values of the all the parameters, including default values, with:
testparm -vs
or
testparm -vs | grep <parameter_name>
–
P.V.
“We’re all in this together, I’m pulling for you” Red Green
Your directory permissions look good, but I wondering about the ownership and permissions of the individual shares as
well. Without data, I’m guessing that with your misconfiguration of Samba, you are not authenticating as you think and
that the actual ownership and permissions on the individual files/directories you have created are not what you think.
Check which user you are authenticating as and then check how that agrees or disagrees with the permissions of the
individual files.
I made those changes to the samba config file and I can access the share properly in Linux (opensuse), but on Windows it prompts for a username/password. So it seems I’m making the situation worse.
On 6/4/2014 10:06 PM, DupermanDave wrote:
>
> venzkep;2647348 Wrote:
>> PS
>>
>> Your directory permissions look good, but I wondering about the
>> ownership and permissions of the individual shares as
>> well. Without data, I’m guessing that with your misconfiguration of
>> Samba, you are not authenticating as you think and
>> that the actual ownership and permissions on the individual
>> files/directories you have created are not what you think.
>> Check which user you are authenticating as and then check how that
>> agrees or disagrees with the permissions of the
>> individual files.
>
> I made those changes to the samba config file and I can access the share
> properly in Linux (opensuse), but on Windows it prompts for a
> username/password. So it seems I’m making the situation worse.
>
> The samba server is a debian machine.
>
>
I was answering your question as if the server was openSUSE. If the server is Debian, then it may be running Samba3, in
that case security = share should work. I’m not sure what, if any, account is the default guest account. You may need to
set the “guest account” parameter on Debian. The security share on 13.1/tumbleweed would be immaterial as it is only
Samba Client that is involved. What version of samba is on the Debian machine?
smbd -V
What does the smb.conf look like on Debian?
What user does your openSUSE machine authenticate on Debian? ( See earlier post.)
If you map a bad user to guest, and the Client sends an invalid Samba UserName then it should be allowed as guest. On
the other hand if the Client requests a valid UserName and the password is wrong access is denied.
While looking back at an earlier post, I noticed that you had the security parameter also set on the [SyncDrive] share
and that contradicts the global setting. The security parameter is a global variable and should not be set in a share
definition. I’m not sure how samba parsed that.
To see the actual value set run:
If I had a guest-access share I’d take root right out of the equation. Root is messy with some incongruities. I’d chown it to a user e.g. john and chmod it to 750 and then share it like this:
[ShareName]
path = /path_to/shared_directory
read only = no
guest ok = yes
force user = john
The “force user” bit is an admin tool that keeps things tidy for Linux, “force user” is invisible and irrelevant to the outside, it still implies full guest access.
And I’d still log on as guest.
I got it, but I have a question regarding the share bit. Where it says, “force user = john” is this required? Which user is it forcing? A user on the samba server? In this case, would I need to create a dummy guest account on the server?
On 6/8/2014 1:46 PM, DupermanDave wrote:
> I got it, but I have a question regarding the share bit. Where it says,
> “force user = john” is this required? Which user is it forcing? A user
> on the samba server? In this case, would I need to create a dummy guest
> account on the server?
DupermanDave;
john is a valid Linux username. It, john, could be an existing user say your username or even “nobody”. Reads and
writes on the share will take place as that user. A file/directory created on that share will be owned by john. The
permissions for the file/directory will be those of john.
P.V.
“We’re all in this together, I’m pulling for you” Red Green