System is ArchLinux, and I'm using nss-pam-ldapd (0.8.13-4) to connect myself to ldap.
I've got my users and some groups in LDAP:
[root@kain tmp]# getent group
<localgroups snipped>
dkowis:*:10000:
mp3s:*:15000:rkowis,dkowis
music:*:15002:rkowis,dkowis
video:*:15003:transmission,rkowis,dkowis,sickbeard
software:*:15004:rkowis,dkowis
pictures:*:15005:rkowis,dkowis
budget:*:15006:rkowis,dkowis
rkowis:*:10001:
And I have some directories that are setgid video so that the video group stays, and they're configured g=rwx so that members of the video group can write to them:
[root@kain video]# ls -ld /srv/video
drwxrwxr-x 8 root video 208 Oct 19 20:49 /srv/video
However, members of that group, say dkowis cannot write into that directory:
[root@kain video]# groups dkowis
mp3s music video software pictures dkowis
Total number of groups that dkowis is in is like 7, I redacted a few here.
[dkowis@kain wat]$ cd /srv/video
[dkowis@kain video]$ touch something
touch: cannot touch 'something': Permission denied
[dkowis@kain video]$ groups
dkowis mp3s music video software pictures
I'm at a loss as to why my groups show up in getent groups, but my filesystem permissions are not being respected. I've tried making a new directory in /tmp and setting it's group permissions to rwx, and then trying to write a file in there, it doesn't work. The only time it does work is if I open it wide up allowing o=rwx. That's obviously not what I want, and I'm not able to figure out what my missing piece is.
Thanks in advance.
