Samba Permissions Help Needed

Hi everyone!

I have a server that has a samba share on it. I can access this Samba share, view the files, etc. My problem is, on the remote workstation, if I create something new using Dolphin (a directory for example) the permissions of that directory are automatically set to r-xr-xr-x instead of rwxrwxrwx. This means, the directory I just created is useless because I cannot copy anything into it. I can manually go into the server and change the permissions of the new directory, but this is a major pain.

I’m sure something just isn’t setup right. The workstation runs OpenSuSE 12.3 and I’m accessing the samba share via Dolphin in KDE. The server is running OpenSuSE 12.2 64bit.

Thanks in advance for any help! :slight_smile:

I am not a SAMBA user because I have no Windows anywhere in my environment, so this is not an answer to your problem. But why are you using SAMBA when both client and server are Linux systems? I ask, because SAMBA mimics Wiindows functionality and Windows has no Unix/Linux permissions, thus I wonder if your poroblem has something to do with the fact that you use Linux - Linux over a Windows interface.

Good question. I suppose it’s because, at least in my interwebs searches, it’s easier to setup than NFS and is pretty common practice to use SMB even over an all-Linux network.

(plus, I do dual boot my laptop with Windows 7 and want to access the same files on the server from there when I do rarely boot into it)

Well, you do not tell if this setup is new or that you had it functioning according to your wishes earlier (on different openSUSE levels or the like). But when it is new, I wouldn’t be surprised that using Linux permissions over a SAMBA construct wouldn’t work (and in NFS it would work of course). But again I am no SAMBA expert and those who are may have tell u it is different.

BTW when setting up SAMBA is even easier then setting up NFS it would be almost running before you started thinking about using it rotfl!

I can confirm that samba works very well in Linux networks too.
Anyway, assuming that you’ve already installed all the related file and that the smb and nmb services are running, I’d suggest to set the /etc/samba/smb.conf as follows:

wins support = yes
name resolve order = bcast host lmhosts wins

Cool, I did that and I also added these two lines to the share section:

create mask = 0666
directory mask = 0777

Seems to be working now. :smiley:

It should work … :slight_smile:
Let us know … lol!

Well, I stand corrected, sort of. If half works.

It works fine IF I connect to the samba share on the server directly. I.e.: smb://10.10.69.1/Backup

But, it DOES NOT work if I MOUNT the share on the remote workstation and then access that mount. Like:

mount -t cifs //10.10.69.1/Backup /server_backup/ -o username=shane,password=xxxxxxxx

I found something strange. If I look at the mounted volume with the “l” command, I see that every file I create is created by user “margaret-ann” which is the other user (my wife) on the remote computer. I am NOT logged in on her account and I am NOT authenticated on the samba server as her account. But files/directories that I try to create on the samba share using dolphin, show the owner “margaret-ann” instead of “shane” which they should show. Any ideas? Something is definitely whacky here.

Here’s what I mean:

I mount the share:

Dell-Laptop:~ # mount -t cifs //10.10.69.1/Backup /server_backup/ -o username=shane,password=xxxxxxxx

Then check the mount:

Dell-Laptop:~ # mount
//10.10.69.1/Backup on /server_backup type cifs (rw,relatime,vers=1.0,sec=ntlm,cache=strict,unc=\\10.10.69.1\Backup,username=shane,uid=0,noforceuid,gid=0,noforcegid,addr=10.10.69.1,unix,posixpaths,serverino,acl,rsize=1048576,wsize=65536,actimeo=1)

Then make sure I can see files in the mount:

Dell-Laptop:~ # ls /server_backup/
110612 - HTPC Backup  110612 - Laptop Backup  Laptop_Backup  lost+found

Then write a file to the mount in the command prompt:

Dell-Laptop:~ # touch /server_backup/12345

And check the owner and permissions again:

Dell-Laptop:~ # l /server_backup/
total 4
drwxrwxrwx  6 root         root     0 Jun 10 16:46 ./
drwxr-xr-x 24 root         root  4096 Jun 10 16:44 ../
drwxrwxrwx  4 margaret-ann users    0 Nov  6  2012 110612 - HTPC Backup/
drwxrwxrwx  2 margaret-ann users    0 Nov  6  2012 110612 - Laptop Backup/
**-rw-r--r--  1 margaret-ann users    0 Jun 10 16:46 12345**
drwxrwxrwx  2 margaret-ann users    0 Jun 10 16:46 Laptop_Backup/
drwxrwxrwx  2 root         root     0 Sep 22  2012 lost+found/
Dell-Laptop:~ # 

Notice that “12345” file I created using touch is owned by “margaret-ann” instead of the user I am logged onto as which is “shane.” Why is it doing this to the mount?

Fixed. The UID mapping on the remote machine vs the server was different.

Server:
server - 1000
shane - 1001
margaret-ann - 1002

Remote machine:
shane - 1000
margaret-ann - 1001

Since 1001 was user margaret-ann on the remote machine, samba set the ownership of any newly created files to her user. DOH! The mapping has been changed on the server to match the remote machine and all is well now.

Very interesting point.
I’m glad you’ve solved the problem …

That is something you should should organize correctly also when using NFS. In fact you should organize for the uids and gids to be used by the same user on systems that work together that close allways centraly. (That is is why they invented NIS to go with NFS).

If your Samba share role is to be read/write for all your local network workstations’ backup, you could use guest account access. It will avoid UID/GID mapping issues, but you will not be able to track down who owns what. By default, the Samba guest account maps to nobody:nobody.

To implement guest access, you just need to add

guest ok = yes

or

guest only = yes

to your share configuration on the Samba server smb.conf file and chmod/chown accordingly the share directory on the Samba server filesystem.

To mount the CIFS share on the client, you should then use the following command line:


# mount -t cifs //10.10.69.1/Backup /server_backup/ -o guest

Another, but more complex, solution is to create a NT4 Samba Domain.

I also see that you don’t use NetBIOS names for IP resolution of your server. Are you encountering issues with it ?