Problems with "Read Only" on a Samba share from Windows machines
Posted
by
fistameeny
on Server Fault
See other posts from Server Fault
or by fistameeny
Published on 2010-11-04T10:25:41Z
Indexed on
2012/09/22
9:40 UTC
Read the original article
Hit count: 321
We have a Ubuntu 10.04 Server that has a bunch of Samba shares on it that Windows workstations connect to. Each Windows workstation has a valid username/password to access the shares, which have restricted access governed by Samba.
The problem we are experiencing is that Samba doesn't seem to be able to mimic the Windows way of handling "Read Only" attributes.
Say I have two users, UserA and UserB, both a group called Staff - UserA creates a file that is readable/writeable by the group (ie. chmod rwxrwx---). If UserA then sets the "Read Only" flag, this changes the permissions to r-xr-x--- (i.e. no write for anyone).
As UserB is in the same group as UserA, they should be able to remove the "Read Only" permission - however, they can't as Samba won't allow it.
Is there a way to force Samba to allow users within the same group to remove the "Read Only" from a file not created by them?
Edit:
The Samba smb.conf is as follows:
The share is defined in the smb.conf as:
[global]
log file = /var/log/samba/log.%m
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
obey pam restrictions = yes
map to guest = bad user
encrypt passwords = true
passwd program = /usr/bin/passwd %u
passdb backend = tdbsam
dns proxy = no
netbios name = ubsrv
server string = ubsrv
unix password sync = yes
os level = 20
syslog = 0
usershare allow guests = yes
panic action = /usr/share/samba/panic-action %d
max log size = 1000
pam password change = yes
workgroup = workgroup
[Projects]
valid users = @Staff
writeable = yes
user = @Staff
create mode = 0777
path = /srv/samba/Projects
directory mode = 0777
store dos attributes = Yes
The folder itself looks like this:
ls -l /srv/samba/
drwxrwxrwx 2 nobody Staff 4096 2010-11-04 10:09 Projects
Thanks in advance,
Matt
© Server Fault or respective owner