Samba sharing issue - user rights?

I have shared a folder on one system (A), and mounted it on another (B) (both leap 15.5). When accessing the share from B, I cannot edit certain files. For example, here are two files( from an “ls -la” on A)

-rwxrwxrwx 1 root root 53 Oct 15 19:31 test1.txt
-rw-r–r-- 1 tom users 0 Oct 15 16:37 test2.txt

I can edit test1.txt from B, but I can’t edit test2.txt. I presume due to the user rights, rather than any SAMBA problem?

Both machine have user “tom” with the same password. I want that user to be able to edit all files on the server share. I don’t want to give edit rights to anyone else. What am I doing wrong? Should I be using a group rather than usernames? If the use on A has the same username/password as on B, why can’t it edit the second file?

(I read that a chmod 777 to ALL files on the server will “fix” this but it seems a bit of a bodge).

How are you mounting it?

Is the mount point chmod 777 to allow everyone

What does your mount command look like - did you give the right permissions on the mount?

Here is what I use generic format - change myuser to tom and password and host/share and mountpoint to yours:
mount -t cifs -o vers=2.0,username=myuser,password=mypasswd,uid=myuser,gid=users,file_mode=0755,dir_mode=0755 //host/share /mymntpoint

That is all one line.

The mount point (on machine B) is chmod 777 owned by root

The command to mount (on machine B) in fstab is:

//MACHINEA/data  /mnt/Adata  cifs  credentials=/etc/win-credentials,file_mode=0777,dir_mode=0777   0 0

Reivew the samba guide:

Unfortunately I cannot see anything in that guide which has helped with the issue.

Also, I note that I can create a new file in the share (e.g. Dolphin, create new text file) but if I try to edit and save it I cannot !?!

Show us your working smb.conf.

More reading that may be of value depending on your samba environment:

# smb.conf is the main Samba configuration file. You find a full commented
# version at /usr/share/doc/packages/samba/examples/smb.conf.SUSE if the
# samba-doc package is installed.
        workgroup = WORKGROUP
        passdb backend = tdbsam
        printing = cups
        printcap name = cups
        printcap cache time = 750
        cups options = raw
        map to guest = Bad User
        logon path = \\%L\profiles\.msprofile
        logon home = \\%L\%U\.9xprofile
        logon drive = P:
        usershare allow guests = No
        wins support = No
        comment = Home Directories
        valid users = %S, %D%w%S
        browseable = No
        read only = No
        inherit acls = Yes
        comment = Network Profiles Service
        path = %H
        read only = No
        store dos attributes = Yes
        create mask = 0600
        directory mask = 0700
        comment = All users
        path = /home
        read only = No
        inherit acls = Yes
        veto files = /aquota.user/groups/shares/
        comment = All groups
        path = /home/groups
        read only = No
        inherit acls = Yes
        comment = All Printers
        path = /var/tmp
        printable = Yes
        create mask = 0600
        browseable = No
        comment = Printer Drivers
        path = /var/lib/samba/drivers
        write list = @ntadmin root
        force group = ntadmin
        create mask = 0664
        directory mask = 0775

        comment = data on A
        inherit acls = Yes
        path = /mnt/data
        read only = No

[data] is the problem

Does the directory have ACLs set up?

getfacl /mnt/data
getfacl: Removing leading '/' from absolute path names
# file: mnt/data
# owner: tom
# group: tomgroup
# flags: -s-

So ACLs are not in use. (I haven’t ever used them in a samba server context.) This ‘inherit acls = Yes’ won’t have any effect here. See this article for that would look like

Thanks Deano - any idea what to try next?

It really depends on what your particular requirements are. If two groups of users require access to the same share, then this might be a reasonable approach. You would need to set the ACLs accordingly as per the samba wiki guide I already linked to. It shows how to use the setfacl command to disable auto-granting permissions for the primary group of user accounts, and set permissions as required.

Here’s how you might implement similar permissions for various samba users without using ACLs…

An update - as I just couldn’t fix this, I re-imaged the machine sharing the files. All was fine after that, and the client could read/write no problem (despite having exactly the same smb.conf as before). This suggests to me that it was nothing to do with the permissions on the files (they are on a different partition). But as to what the problem was, I cannot say.

Thanks for the update. It was definitely file permissions (as you described in your opening post), but be aware of multiple users needing to accessing such samba shared files, and having the appropriate permissions.

Thanks Deano. But… the file permissions didn’t change as they were on another partition. Why would re-imaging the machine have changed that?