RE: [Samba] SAMBA Problem - Users take ownership - Samba

This is a discussion on RE: [Samba] SAMBA Problem - Users take ownership - Samba ; create mask = 0765 create mode = 0777 directory mode = 0770 force create mode = 000 Turn it to create mask = 2765 create mode = 2777 directory mode = 2770 Delete force create mode = 000 Test carlos ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: RE: [Samba] SAMBA Problem - Users take ownership

  1. RE: [Samba] SAMBA Problem - Users take ownership



    create mask = 0765
    create mode = 0777
    directory mode = 0770
    force create mode = 000


    Turn it to

    create mask = 2765
    create mode = 2777
    directory mode = 2770

    Delete

    force create mode = 000

    Test


    carlos

    -----Original Message-----
    From: Travis Bullock [mailto:tbullock@avmax.ca]
    Sent: Wednesday, April 18, 2007 4:19 PM
    To: Carlos Rivera-Jones
    Cc: samba
    Subject: Re: [Samba] SAMBA Problem - Users take ownership

    smb.conf file:

    [global]
    security = domain
    workgroup = AVMAX
    netbios name = atlas
    map to guest = Bad User

    encrypt passwords = yes
    password server = 10.2.32.1 10.2.0.4 10.4.0.3
    username level = 0
    #password server = 10.2.0.3 10.2.0.4 10.2.32.1
    deadtime = 3
    local master = no
    domain master = no
    domain logons = no
    wins support = yes
    remote announce = 10.4.0.0/20 10.3.0.0/20 #winbind use default
    domain = yes
    winbind separator = +
    winbind cache time = 10
    idmap uid = 10000-20000
    idmap gid = 10000-20000
    winbind enum users = yes
    winbind enum groups = yes

    hosts allow = 10.0.0.0/20 10.2.0.0/20 10.2.32.0/20 10.2.16.0/20
    10.3.0.0/16 10.128.0.0/16 10.4.0.0/16
    interfaces = 10.2.0.12 192.168.0.4
    log level = 2 winbind:5

    [Planning]
    comment = Avmax Planning Group Share
    browseable = yes
    writable = yes
    read only = no
    create mode = 0770
    directory mode = 0770
    path = /usr/avmax_shares/Planning

    [GFQ]
    comment = Great Falls QA
    browseable = yes
    writable = yes
    read only = no
    create mask = 0765
    create mode = 0777
    directory mode = 0770
    force create mode = 000
    path = /usr/avmax_shares/GFQ


    Those are two different types of shares. I am playing with the settings
    to see if I can make a difference to the share but so far no joy.
    Probably because I don't have a firm understanding of how those settings
    work.

    Cheers,

    Travis

    ----- Original Message -----
    From: "Carlos Rivera-Jones"
    To: "Travis Bullock" , "samba"

    Sent: Wednesday, April 18, 2007 2:14:19 PM (GMT-0700) America/Denver
    Subject: RE: [Samba] SAMBA Problem - Users take ownership


    Smb.conf share settings?

    carlos

    -----Original Message-----
    From: samba-bounces+carlos=sinu.com@lists.samba.org
    [mailto:samba-bounces+carlos=sinu.com@lists.samba.org] On Behalf Of
    Travis Bullock
    Sent: Wednesday, April 18, 2007 4:09 PM
    To: samba
    Subject: Re: [Samba] SAMBA Problem - Users take ownership

    Can anyone help me with this? This is a serious problem and it is really
    screwing me over.

    Cheers,

    Travis Bullock
    Systems Administrator
    Avmax Group Inc.

    ----- Original Message -----
    From: "Travis Bullock"
    To: "samba"
    Sent: Saturday, April 14, 2007 10:12:30 AM (GMT-0700) America/Denver
    Subject: [Samba] SAMBA Problem - Users take ownership

    Hi,

    I have a problem with my Samba/WinBIND implementation. In folders shared
    by multiple people the last one to access and modify a file takes
    ownership of the file and changes the permissions so other users cannot
    make changes to the same file:
    [root@atlas PLANNING RECORDS]# cd REGIONAL\ 1\ AIRLINE\ DOCS/
    [root@atlas REGIONAL 1 AIRLINE DOCS]# ls -al total 1232
    drwxrws---+ 8 root AVMAX+Domain Admins 4096 Apr 13 13:16 .
    drwxrws---+ 23 root AVMAX+Domain Admins 4096 Apr 3 08:14 ..
    drwxrws---+ 7 root AVMAX+Domain Admins 4096 Mar 20 13:01 AALI Reserves
    drwxrws---+ 3 root AVMAX+Domain Admins 4096 Mar 20 13:02 Archived
    drwxrws---+ Documents for Reg. 1
    -rwxrwx---+ 1 AVMAX+RMesheau AVMAX+Domain Admins 64512 Apr 13 12:56 LOG
    -rwxrwx---+ BOOK entry template.xls
    drwxrws---+ 6 root AVMAX+Domain Admins 4096 Mar 30 16:20 Logpages
    drwxrws---+ Monthly Templates Reports etc
    -rwxrwx---+ 1 AVMAX+ALee AVMAX+Domain Admins 552448 Apr 13 13:16 MOD SB
    -rwxrwx---+ Compliance Status ALEX.xls
    -r--rwx---+ 1 AVMAX+ALee AVMAX+Domain Admins 552448 Apr 12 13:35 MOD SB
    -r--rwx---+ Compliance Status.xls
    drwxrws---+ 2 root AVMAX+Domain Admins 4096 Mar 30 16:09 Monthly
    drwxrws---+ Workorder Templates
    drwxrws---+ 3 root AVMAX+Domain Admins 4096 Apr 3 09:06 SIP + Audit
    drwxrws---+ Spreadsheets
    drwxrws---+ 5 root AVMAX+Domain Admins 4096 Mar 20 13:04 Tally Sheets
    drwxrws---+ for Regional 1

    I want all ownerships to remain root:AVMAX+Domain Admins with drwxrws---
    set as the permissions. My ACL's look like this for a file:

    [root@atlas REGIONAL 1 AIRLINE DOCS]# getfacl MOD\ SB\ Compliance\
    Status.xls # file: MOD SB Compliance Status.xls # owner: AVMAX+ALee #
    group: AVMAX+Domain Admins
    user::r--
    user:root:rwx
    group::rw-
    group:AVMAX+Planning:rwx
    mask::rwx
    other::---

    I think group:AVMAX+Planning:rwx is good but appears to be ineffective
    once a user takes ownership of a file.

    And this for a directory:

    [root@atlas REGIONAL 1 AIRLINE DOCS]# getfacl Tally\ Sheets\ for\
    Regional\ 1/ # file: Tally Sheets for Regional 1 # owner: root # group:
    AVMAX+Domain Admins user::rwx group::rwx group:AVMAX+Planning:rwx
    mask::rwx
    other::---
    default:user::rwx
    default:group::rwx
    default:group:AVMAX+Planning:rwx
    default:mask::rwx
    defaultther::---

    Any ideas as to why this is happening?


    Travis Bullock
    Systems Administrator
    Avmax Group Inc.
    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  2. Re: [Samba] SAMBA Problem - Users take ownership

    Thanks Carlos for helping.

    PERMISSIONS BEFORE OPENING AND CHANGING AVMAX TOOL LIST FILE:

    [root@atlas Tool_list]# ls -al
    total 4360
    drwsrws---+ 2 root AVMAX+Domain Admins 4096 Apr 18 14:09 .
    drwsrws---+ 9 root AVMAX+Domain Admins 4096 Feb 22 15:20 ..
    -rwsrws---+ 1 root AVMAX+Domain Admins 1536 Feb 21 11:18 AF673B00
    -rwsrws---+ 1 root AVMAX+Domain Admins 2225664 Apr 18 11:25 atr list.xls
    -rwxrwx---+ 1 root AVMAX+Domain Admins 2191872 Apr 18 14:09 AVMAX TOOL LIST REVISED.xls

    PERMISSIONS AFTER OPEN AND CHANGE:

    [root@atlas Tool_list]# ls -al
    total 4360
    drwsrws---+ 2 root AVMAX+Domain Admins 4096 Apr 18 14:36 .
    drwsrws---+ 9 root AVMAX+Domain Admins 4096 Feb 22 15:20 ..
    -rwsrws---+ 1 root AVMAX+Domain Admins 1536 Feb 21 11:18 AF673B00
    -rwsrws---+ 1 root AVMAX+Domain Admins 2225664 Apr 18 11:25 atr list.xls
    -rwxrwx---+ 1 AVMAX+tbullock AVMAX+Domain Admins 2191872 Apr 18 14:36 AVMAX TOOL LIST REVISED.xls

    User is still taking ownership. In this case me TBULLOCK. I have seen the permissions for the user change as well not just the owner.

    Example here is what it looked like after RHazen opened the same file:

    [root@atlas Tool_list]# ls -al
    total 4320
    drwsrws---+ 2 root AVMAX+Domain Admins 4096 Apr 18 13:58 .
    drwsrws---+ 9 root AVMAX+Domain Admins 4096 Feb 22 15:20 ..
    -rwsrws---+ 1 root AVMAX+Domain Admins 1536 Feb 21 11:18 AF673B00
    -rwsrws---+ 1 root AVMAX+Domain Admins 2225664 Apr 18 11:25 atr list.xls
    -r-Srwx---+ 1 AVMAX+RHazen AVMAX+Domain Admins 2154496 Apr 18 13:54 AVMAX TOOL LIST REVISED.xls



    What do you think?



    Travis Bullock
    Systems Administrator
    Avmax Group Inc.

    ----- Original Message -----
    From: "Carlos Rivera-Jones"
    To: "Travis Bullock"
    Cc: "samba"
    Sent: Wednesday, April 18, 2007 2:31:38 PM (GMT-0700) America/Denver
    Subject: RE: [Samba] SAMBA Problem - Users take ownership



    create mask = 0765
    create mode = 0777
    directory mode = 0770
    force create mode = 000


    Turn it to

    create mask = 2765
    create mode = 2777
    directory mode = 2770

    Delete

    force create mode = 000

    Test


    carlos

    -----Original Message-----
    From: Travis Bullock [mailto:tbullock@avmax.ca]
    Sent: Wednesday, April 18, 2007 4:19 PM
    To: Carlos Rivera-Jones
    Cc: samba
    Subject: Re: [Samba] SAMBA Problem - Users take ownership

    smb.conf file:

    [global]
    security = domain
    workgroup = AVMAX
    netbios name = atlas
    map to guest = Bad User

    encrypt passwords = yes
    password server = 10.2.32.1 10.2.0.4 10.4.0.3
    username level = 0
    #password server = 10.2.0.3 10.2.0.4 10.2.32.1
    deadtime = 3
    local master = no
    domain master = no
    domain logons = no
    wins support = yes
    remote announce = 10.4.0.0/20 10.3.0.0/20 #winbind use default
    domain = yes
    winbind separator = +
    winbind cache time = 10
    idmap uid = 10000-20000
    idmap gid = 10000-20000
    winbind enum users = yes
    winbind enum groups = yes

    hosts allow = 10.0.0.0/20 10.2.0.0/20 10.2.32.0/20 10.2.16.0/20
    10.3.0.0/16 10.128.0.0/16 10.4.0.0/16
    interfaces = 10.2.0.12 192.168.0.4
    log level = 2 winbind:5

    [Planning]
    comment = Avmax Planning Group Share
    browseable = yes
    writable = yes
    read only = no
    create mode = 0770
    directory mode = 0770
    path = /usr/avmax_shares/Planning

    [GFQ]
    comment = Great Falls QA
    browseable = yes
    writable = yes
    read only = no
    create mask = 0765
    create mode = 0777
    directory mode = 0770
    force create mode = 000
    path = /usr/avmax_shares/GFQ


    Those are two different types of shares. I am playing with the settings
    to see if I can make a difference to the share but so far no joy.
    Probably because I don't have a firm understanding of how those settings
    work.

    Cheers,

    Travis

    ----- Original Message -----
    From: "Carlos Rivera-Jones"
    To: "Travis Bullock" , "samba"

    Sent: Wednesday, April 18, 2007 2:14:19 PM (GMT-0700) America/Denver
    Subject: RE: [Samba] SAMBA Problem - Users take ownership


    Smb.conf share settings?

    carlos

    -----Original Message-----
    From: samba-bounces+carlos=sinu.com@lists.samba.org
    [mailto:samba-bounces+carlos=sinu.com@lists.samba.org] On Behalf Of
    Travis Bullock
    Sent: Wednesday, April 18, 2007 4:09 PM
    To: samba
    Subject: Re: [Samba] SAMBA Problem - Users take ownership

    Can anyone help me with this? This is a serious problem and it is really
    screwing me over.

    Cheers,

    Travis Bullock
    Systems Administrator
    Avmax Group Inc.

    ----- Original Message -----
    From: "Travis Bullock"
    To: "samba"
    Sent: Saturday, April 14, 2007 10:12:30 AM (GMT-0700) America/Denver
    Subject: [Samba] SAMBA Problem - Users take ownership

    Hi,

    I have a problem with my Samba/WinBIND implementation. In folders shared
    by multiple people the last one to access and modify a file takes
    ownership of the file and changes the permissions so other users cannot
    make changes to the same file:
    [root@atlas PLANNING RECORDS]# cd REGIONAL\ 1\ AIRLINE\ DOCS/
    [root@atlas REGIONAL 1 AIRLINE DOCS]# ls -al total 1232
    drwxrws---+ 8 root AVMAX+Domain Admins 4096 Apr 13 13:16 .
    drwxrws---+ 23 root AVMAX+Domain Admins 4096 Apr 3 08:14 ..
    drwxrws---+ 7 root AVMAX+Domain Admins 4096 Mar 20 13:01 AALI Reserves
    drwxrws---+ 3 root AVMAX+Domain Admins 4096 Mar 20 13:02 Archived
    drwxrws---+ Documents for Reg. 1
    -rwxrwx---+ 1 AVMAX+RMesheau AVMAX+Domain Admins 64512 Apr 13 12:56 LOG
    -rwxrwx---+ BOOK entry template.xls
    drwxrws---+ 6 root AVMAX+Domain Admins 4096 Mar 30 16:20 Logpages
    drwxrws---+ Monthly Templates Reports etc
    -rwxrwx---+ 1 AVMAX+ALee AVMAX+Domain Admins 552448 Apr 13 13:16 MOD SB
    -rwxrwx---+ Compliance Status ALEX.xls
    -r--rwx---+ 1 AVMAX+ALee AVMAX+Domain Admins 552448 Apr 12 13:35 MOD SB
    -r--rwx---+ Compliance Status.xls
    drwxrws---+ 2 root AVMAX+Domain Admins 4096 Mar 30 16:09 Monthly
    drwxrws---+ Workorder Templates
    drwxrws---+ 3 root AVMAX+Domain Admins 4096 Apr 3 09:06 SIP + Audit
    drwxrws---+ Spreadsheets
    drwxrws---+ 5 root AVMAX+Domain Admins 4096 Mar 20 13:04 Tally Sheets
    drwxrws---+ for Regional 1

    I want all ownerships to remain root:AVMAX+Domain Admins with drwxrws---
    set as the permissions. My ACL's look like this for a file:

    [root@atlas REGIONAL 1 AIRLINE DOCS]# getfacl MOD\ SB\ Compliance\
    Status.xls # file: MOD SB Compliance Status.xls # owner: AVMAX+ALee #
    group: AVMAX+Domain Admins
    user::r--
    user:root:rwx
    group::rw-
    group:AVMAX+Planning:rwx
    mask::rwx
    other::---

    I think group:AVMAX+Planning:rwx is good but appears to be ineffective
    once a user takes ownership of a file.

    And this for a directory:

    [root@atlas REGIONAL 1 AIRLINE DOCS]# getfacl Tally\ Sheets\ for\
    Regional\ 1/ # file: Tally Sheets for Regional 1 # owner: root # group:
    AVMAX+Domain Admins user::rwx group::rwx group:AVMAX+Planning:rwx
    mask::rwx
    other::---
    default:user::rwx
    default:group::rwx
    default:group:AVMAX+Planning:rwx
    default:mask::rwx
    defaultther::---

    Any ideas as to why this is happening?


    Travis Bullock
    Systems Administrator
    Avmax Group Inc.
    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba


    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

+ Reply to Thread