LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)
-   -   Samba / Server File Security (https://www.linuxquestions.org/questions/linux-server-73/samba-server-file-security-789324/)

Baldychap 02-15-2010 04:41 PM

Samba / Server File Security
 
Hi All,

I have a problem and I'm not sure where the problem lies. I'll explain...

I have Karmic Desktop running on a machine with a software RAID array. There is one folder in the array called 'DATA'. The permissions are set so the owner is 'user1' (the user that I log on to the computer with) with read/write access and there is a group called 'group1' which also has read/write access.

I have samba running on the computer to share the DATA folder on the network. I have two users setup called 'user2' and 'user3' and these have rights to access the samba share. They are both members of 'group1'

Windows and Linux machines can connect and browse the share OK. The problem comes when they try to create folders/files or modify an existing file.

For example, if user2 creates a folder on DATA they will not have access to the folder and cannot view it. If I browse the DATA folder from the server (logged on as user1) I can see the folder, but also cannot access it, If I look at the permissions I can see that the user ID of user2 is now the owner of the folder with create/delete files rights and the group 'user2' also has right to access the files only.

So the problem is that any new files do not inherit permissions from the parent, as I would like, and then when user2, or user3, create files/folder neither they, or anyone else, can access them.

I've checked samba and all the flags etc. seem to indicate that the users have full read/write access. So maybe it's a file permissions problem, but I'm not sure.

Can anyone offer me some advice, any tips gratefully received!!

Thanks,

Baldychap.

chrism01 02-15-2010 06:23 PM

How about

chmod g+s DATA

I assume you mean DATA is a dir?

jschiwal 02-15-2010 06:34 PM

Did you add user2 and user3 using smbpasswd?

Do users user2 & user3 use Linux or Windows?
Please post the results of "ls -ld DATA". You said read/write permisson, but for directories, you need to set the 'x' bit to enter the directory. (or were you talking about samba permissions) A user also needs permissions for the directory itself as well as samba permissions.

Post the stanza for this share from your smb.conf file.

Baldychap 02-16-2010 01:53 PM

Hi jschiwal,

Yes, I added user2 and user3 using smbpasswd, I'm pretty sure this worked as I remember getting an 'access denied' error message on the client when I tried to connect. At the moment I testing with linux, as I use that the most, but I have just tried it with a windows machine and that doesn't seem to have the same problem....

The output of 'ls -ld DATA' is :-

drwxrws--- 17 user1 group1 4096 2010-02-15 20:51 DATA

The stanza in the smb.conf file :-

[data]
path = /media/raid/DATA
comment = DATA Share
valid users = user2 user3
write list = user2 user3
directory mask = 0770
read only = no
available = yes
browseable = yes
writable = yes
guest ok = no
public = no
printable = no
share modes = no
locking = no

Thanks!

Baldychap.


All times are GMT -5. The time now is 02:11 PM.