-   Linux - Software (
-   -   Samba User / Group Access Permissions Different Between Linux and Win (

jeyroz 01-27-2006 01:27 PM

Samba User / Group Access Permissions Different Between Linux and Win
I'm having trouble working with a networked (Samba) filesystem from local Linux machines. Strangely, the configuration works beautifully when accessed from local Windows boxes, giving the authenticated user read/write access to files such as...

-rw-rw---- 1 jane sambauser 130560 Jan 27 2005 text.doc

When the filesystem is mounted under Linux with...

smbmount //192.168.X.XXX/usr/share /mnt/share -o username=john,uid=501,gid=500
-- OR --
smbmount //192.168.X.XXX/usr/share /mnt/share -o username=john,uid=john,gid=sambauser

...files and directories like the one above are inaccessilble.

All accessing users have accounts on the samba server and are included in a group "sambauser" (john / sambauser).

Shared directory (/usr/share) is owned by root, group "sambauser" and has the following permissions set: drwxrws---
The directory has a sticky gid to make sure all files are owned and accessible to those in the "sambauser" group.

My smb.conf has the following params...

comment = File Server
path = /usr/share
browseable = yes
writeable = yes
guest ok = no
public = no
create mask = 0660
directory mask = 0770
printable = no

Any ideas why the accessing Linux machines are restricted while the Windows machines are not?

Thanks in advance for the help.

Randall Slack 01-27-2006 01:44 PM


Shared directory (/usr/share)
just a note beside your problem but are you sure this is the place where you want too set up the shares? might be misstaking but it doesn't seem the correct place to me. why not the home directory like the default?

Randall Slack 01-27-2006 01:48 PM


smbmount //192.168.X.XXX/usr/share /mnt/share -o username=john,uid=john,gid=sambauser
what happens if yo do this?

smbmount //192.168.X.XXX/usr/share /mnt/share -o rw,username=john,uid=john,gid=sambauser

try to mount the share rw (read/wite)

marozsas 01-27-2006 01:57 PM

I have a similar setup here and the only difference I can see is the following setting you haven't:

force group = sambauser

I am not sure this is the answer....

jeyroz 01-27-2006 02:19 PM

Thanks for the replies thus far.

The location of the share is actually /share ... my mistake.
I will try the "rw" option when mounting. I can write to the share if I open the directories up to 777 and the user group info is correct.

I actually was using force group = sambauser at one point (along with myriad other smb.conf options) to no avail.

I am also able to mount the fs from a OS X box and have no trouble writing to the filesystem. Huh.

jeyroz 01-27-2006 03:46 PM

I'm still unable to mount the filesystem with r/w access after specifying "rw" as a part of my mount command. Any other ideas? My only option is to open everything up 777 ... which isn't much of an option.

jeyroz 01-27-2006 04:17 PM

My trouble has been mounting the fs and browsing it through Gnome. If I mount the fs and browse it from the command-line, I have no problem with access permissions. What am I missing here?

jeyroz 01-27-2006 05:35 PM

I created a "sambauser" group on the local Linux machines with the same gid as is on the fileserver and added each respective local account to it and all is fine now. Why was this necessary if the smbmount command includes the specified gid to use on the samba fs?

marozsas 01-29-2006 12:26 PM

Good you figure out what is wrong !

The problem is when a user try to access the filesystem he does not have the proper permissions because he does not belongs to the specified group=sambauser. Doesn' t matter if that group exists or not. The bottom line is the user does not belongs to the group sambuser. I bet you will have the same problem if the group exists and a local user is not part of group sambauser.

Soon you will face another problem. How to have a centralized, single sign on, user account system ? This is the (open-source) Holly Graal I am looking for right now. But this is a subject for another threat...

have a nice week,

All times are GMT -5. The time now is 09:33 AM.