Samba vs Unix permissions

Asked by Stefano Malini on 2012-05-22

Hi, this is my first question. Am working on a LAN with debian squeeze server and ubuntu 11.10 clients. I installed samba, ldap and smbldap on the server. I configured client and server to permit the login and the user's home directory mounting from the server on the client. The problem is, once the user is logged on the client and the user's home is locally mounted, i haven't any permission to create files in this dir. Checking the dir and dir-content permissions are the same of the server but form the client i can't do nothing. Using root client's user also, "Permission denied".
On debian channel told me that samba doesn't support unix permissions or told me that should be possible, but the problem is still not solved. After Could you help me? Thanks

Question information

Language:
English Edit question
Status:
Answered
For:
Ubuntu samba Edit question
Assignee:
No assignee Edit question
Last query:
2012-05-22
Last reply:
2012-05-28
Jeet (gour-jitendrasingh) said : #1

not very clear but i think there is a flag in samba configuration file can you paste your samba configuration file here.

Thanks
~jeet

Stefano Malini (lozingalo) said : #2

What is not clear? this is my smb.conf

root@amahoro:~# cat /etc/samba/smb.conf
[global]

#identificazione
workgroup = AMAHORO
netbios name = SERVER
server string = amahoro
security = user
usershare path = /var/lib/samba/usershares
usershare max shares = 100
usershare allow guests = yes
#usershare owner only = yes

username map = /etc/samba/usermap

os level = 255
preferred master = yes
local master = yes
domain master = yes
admin users = Administrator root @"Domain Admins"

#opzioni di rete
hosts allow = 192.168.5.0/24 localhost

#opzioni per il log
log file = /var/log/samba/log.%u
max log size = 1000
log level = 3

#opzioni per l'accesso alle condivisioni
encrypt passwords = yes
null passwords = no
security = user
#smb passwd file = /etc/samba/smbpasswd
#username map = /etc/samba/smbusers

#LDAP
passdb backend = ldapsam:ldap://127.0.0.1/
ldap admin dn = cn=Manager,dc=amahoro,dc=bi
ldap suffix = dc=amahoro,dc=bi
ldap machine suffix = ou=Computers
ldap user suffix = ou=Users
ldap group suffix = ou=Groups
ldap delete dn = yes
ldap ssl = no
passwd program = /usr/sbin/smbldap-passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n *all*authen$
add user script = /usr/sbin/smbldap-useradd -m "%u"
ldap delete dn = Yes
delete user script = /usr/sbin/smbldap-userdel "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"

[homes]
comment = Home Directories
path = /users/%S
#valid users = %u
read only = No
create mask = 0700
directory mask = 0700
browseable = No

[users]
path = /users
comment = Leçon
browseable = yes
public = yes
writable = no

Stefano Malini (lozingalo) said : #3

What is not clear? this is my smb.conf

root@amahoro:~# cat /etc/samba/smb.conf
[global]

#identificazione
workgroup = AMAHORO
netbios name = SERVER
server string = amahoro
security = user
usershare path = /var/lib/samba/usershares
usershare max shares = 100
usershare allow guests = yes
usershare owner only = yes

username map = /etc/samba/usermap

os level = 255
preferred master = yes
local master = yes
domain master = yes
admin users = Administrator root @"Domain Admins"

#opzioni di rete
hosts allow = 192.168.5.0/24 localhost

#opzioni per il log
log file = /var/log/samba/log.%u
max log size = 1000
log level = 3

#opzioni per l'accesso alle condivisioni
encrypt passwords = yes
null passwords = no
security = user
#smb passwd file = /etc/samba/smbpasswd
#username map = /etc/samba/smbusers

#LDAP
passdb backend = ldapsam:ldap://127.0.0.1/
ldap admin dn = cn=Manager,dc=amahoro,dc=bi
ldap suffix = dc=amahoro,dc=bi
ldap machine suffix = ou=Computers
ldap user suffix = ou=Users
ldap group suffix = ou=Groups
ldap delete dn = yes
ldap ssl = no
passwd program = /usr/sbin/smbldap-passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n *all*authen$
add user script = /usr/sbin/smbldap-useradd -m "%u"
ldap delete dn = Yes
delete user script = /usr/sbin/smbldap-userdel "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"

[homes]
comment = Home Directories
path = /users/%S
#valid users = %u
read only = No
create mask = 0700
directory mask = 0700
browseable = No

[users]
path = /users
comment = Leçon
browseable = yes
public = yes
writable = no

Jeet (gour-jitendrasingh) said : #4

Make Shared with
browsable = yes and writable = yes

after editing smb.conf save it..
run
testparm command to see your effective configuration

if needed run

smbpasswd -a <user_name>

then enter password for samba user ..

you can use this user for share access .

Note : Before setting samba share do some thing prior
- Disable firewall
- Disable selinux

Thanks
~Jeet

Can you help with this problem?

Provide an answer of your own, or ask Stefano Malini for more information if necessary.

To post a message you must log in.