can't remove files with winbind - SMB

This is a discussion on can't remove files with winbind - SMB ; Hi all, There is a strange problem with winbind, all files permission doesn't match with winbind enabled mkdir /testsamba ls -ld /testsamba drwxr-xr-x 3 root root 4096 Nov 14 11:45 /testsamba touch /testsamba/file1 chown asltcsc /testsamba/file1 ls -l /testsamba/file1 -rw-r--r-- ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: can't remove files with winbind

  1. can't remove files with winbind

    Hi all,

    There is a strange problem with winbind,
    all files permission doesn't match with winbind enabled


    mkdir /testsamba

    ls -ld /testsamba
    drwxr-xr-x 3 root root 4096 Nov 14 11:45 /testsamba

    touch /testsamba/file1

    chown asltcsc /testsamba/file1
    ls -l /testsamba/file1
    -rw-r--r-- 1 asltcsc root 0 Nov 14 12:37 /testsamba/file1

    then I switch to user "asltcsc" and force to remove the file
    "asltcsc" is a W2k domain user(not local user)

    [asltcsc@asdss1 /]$ id
    uid=6963(asltcsc) gid=10000(Domain Users) groups=10000(Domain Users)

    [asltcsc@asdss1 /]$ rm -f /testsamba/file1
    rm: cannot remove `/testsamba/file1': Permission denied


    i can't remove the file even I change the file permission to 777,
    but when i change the owner of the folder "/testsamba" to asltcsc
    then the file "file1" can be removed.




    samba 3 - smb.conf
    [global]
    workgroup = CAD.ASD.GOV
    netbios name = asdss1
    server string = ASD HOME File Server
    realm = CAD.ASD.GOV
    security = ADS
    encrypt passwords = yes
    password server = 10.2.203.14
    log file = /var/log/samba/log.%m
    log level = 10
    dns proxy = No
    wins server = 128.2.5.14
    #
    winbind separator = _
    winbind use default domain = yes
    idmap uid = 1000-20000
    idmap gid = 1000-20000

    template homedir = /samhome/%U
    template shell = /bin/bash

    #### ldap options
    ldap suffix = dc=archsd,dc=gov,dc=hk
    ldap machine suffix = ou=Hosts
    ldap user suffix = ou=People
    ldap group suffix = ou=Group
    ldap idmap suffix = ou=People
    ldap admin dn = cn=root,dc=archsd,dc=gov,dc=hk
    ldap ssl = on
    ldap port = 636
    passdb backend = ldapsam:ldap://asdss1
    ldap filter = (&(uid=%u)(objectclass=sambaSamAccount))
    #
    idmap backend = ldap:ldap://asdss1


    Thanks for any advices

    Cyrus Tam

  2. Re: can't remove files with winbind


    "cyrustam888" wrote in message
    news:913f8d49.0311132046.bd12a4c@posting.google.co m...
    > Hi all,
    >
    > There is a strange problem with winbind,
    > all files permission doesn't match with winbind enabled
    >
    >
    > mkdir /testsamba
    >
    > ls -ld /testsamba
    > drwxr-xr-x 3 root root 4096 Nov 14 11:45 /testsamba
    >
    > touch /testsamba/file1
    >
    > chown asltcsc /testsamba/file1
    > ls -l /testsamba/file1
    > -rw-r--r-- 1 asltcsc root 0 Nov 14 12:37 /testsamba/file1
    >
    > then I switch to user "asltcsc" and force to remove the file
    > "asltcsc" is a W2k domain user(not local user)
    >
    > [asltcsc@asdss1 /]$ id
    > uid=6963(asltcsc) gid=10000(Domain Users) groups=10000(Domain Users)
    >
    > [asltcsc@asdss1 /]$ rm -f /testsamba/file1
    > rm: cannot remove `/testsamba/file1': Permission denied
    >
    >
    > i can't remove the file even I change the file permission to 777,
    > but when i change the owner of the folder "/testsamba" to asltcsc
    > then the file "file1" can be removed.
    >
    >


    I thought that behavior was standard. Creating (or deleting) a file in a
    directory changes the directory so they need permissions to do that.
    However, you don't have to change the owner of the directory, you can change
    the group or other permissions to allow write.

    >
    >
    > samba 3 - smb.conf
    > [global]
    > workgroup = CAD.ASD.GOV
    > netbios name = asdss1
    > server string = ASD HOME File Server
    > realm = CAD.ASD.GOV
    > security = ADS
    > encrypt passwords = yes
    > password server = 10.2.203.14
    > log file = /var/log/samba/log.%m
    > log level = 10
    > dns proxy = No
    > wins server = 128.2.5.14
    > #
    > winbind separator = _
    > winbind use default domain = yes
    > idmap uid = 1000-20000
    > idmap gid = 1000-20000
    >
    > template homedir = /samhome/%U
    > template shell = /bin/bash
    >
    > #### ldap options
    > ldap suffix = dc=archsd,dc=gov,dc=hk
    > ldap machine suffix = ou=Hosts
    > ldap user suffix = ou=People
    > ldap group suffix = ou=Group
    > ldap idmap suffix = ou=People
    > ldap admin dn = cn=root,dc=archsd,dc=gov,dc=hk
    > ldap ssl = on
    > ldap port = 636
    > passdb backend = ldapsam:ldap://asdss1
    > ldap filter = (&(uid=%u)(objectclass=sambaSamAccount))
    > #
    > idmap backend = ldap:ldap://asdss1
    >
    >
    > Thanks for any advices
    >
    > Cyrus Tam




+ Reply to Thread