0

Something wrong when creating file from windows.

smbd Version 4.1.6-Ubuntu

Copying the same file from same PC to same folder inside the share.

From share definition:

shares-secret.conf: force create mode = 0722

shares-secret.conf:# create mask = 0666

shares-secret.conf:# directory mask = 0666

result: -rwxr--r--

shares-secret.conf:# force create mode = 0722

shares-secret.conf: create mask = 0666

shares-secret.conf:# directory mask = 0666

result: -rwxr--r--

shares-secret.conf:# force create mode = 0722

shares-secret.conf:# create mask = 0666

shares-secret.conf: directory mask = 0666

result: -rwxr--r--

So, the single parameter gave no effect: group will have r/o access. Trying to use two parameters

CM=0666,DM=0666: -rwxr-xr--

CM=0666,DM=0: -rwxr-xr--

CM=0,DM=0666: -rwxr-xr--

CM=0,DM=0: -rwxr-xr--

CM=7, DM=default: -rwxr-x---

CM=70, DM=default: -rwxr-x---

FCM=666, others=default: -rw-r--r--

etc etc... So, as I can see, there's no way to enable write access for group?

Troublemaker-DV
  • 174
  • 3
  • 12

2 Answers2

1

Solution is simple: turn "obey pam restrictions" off. That's all!

Troublemaker-DV
  • 174
  • 3
  • 12
1

Humm. I'd be interested in seeing the relevant PAM sections on that.

I had a similar problem where in spite of 'inherit permissions', create masks, and force create mode options I was unable to create files with group (or world) writable permissions.   The problem turned out to the clients, which were OSX boxes. OSX was using a umask value of 0022.

Changing that was very difficult.

The solution turned out to be putting umask 0002 in /etc/launchd-user.conf, then rebooting so launchd would re-read its startup scripts.  Apple's documentation at https://support.apple.com/en-us/HT201684 states that this is for 10.9 and below, but I think it only works down to version 10.4.10, at which point you have to use defaults write -g NSUmask 2 which is good for most of 10.4 & 10.3 .   Also, the NSUmask is a convoluted base-10 representation of the usual octal code. (warning warning)

The Terminal is it's own environment so it's umask must be set separately in /etc/profile or ~/.profile .

Anyway, obey pam restrictions had no effect for me on this issue.  The set up was FreeBSD 10.3 , samba 4.3.11 , & various OSX versions.

cira
  • 11
  • 1
  • Sorry, but we have no OSX boxes. Only an assortment of windoze - from aging XP to damned 10. Thus I cant set up umask on client sides – Troublemaker-DV Oct 26 '16 at 02:04