I have Samba version 4.3.11-Ubuntu. Ubuntu 14.04 LTS. I have created: - users, who are added to two groups: Code: administrator@ubuntu:/home$ cat /etc/group | grep Prace pelnePrace:x:1003:colo064,colo046 odczytPrace:x:1004:colo034,colo075 Group "pelnePrace" need to full access to share "Prace" but group "odczytPrace" need to have only read access. - directory "prace" to share with chmod 770: Code: administrator@ubuntu:/home$ ls -l drwxrwx--- 2 administrator administrator 4096 Nov 5 13:42 prace - Samba share (/etc/samba/smb.conf): Code: [Prace] path = /home/prace read only = no writable = yes browseable = yes valid users = @pelnePrace, @odczytPrace #valid users = colo064 read list = @odczytPrace create mask = 0750 directory mask = 0750 write list = @pelnePrace force group = @pelnePrace When I try to login as, for example, user colo064 or colo034 I haven't access to shared directory. What am I doing wrong?
I resolve this issue by comment out "force group = @pelnePrace". Now I have problem with privileges. I changed owner of "prace" directory to: Code: root@ubuntu:/home# ls -l drwxrws--- 4 colo064 pelnePrace 4096 Nov 6 11:29 prace and changed in smb.conf privileges in share from these above to them: Code: [Prace] path = /home/prace read only = no browseable = yes valid users = @pelnePrace @odczytPrace read list = @odczytPrace create mask = 0775 directory mask = 0775 write list = @pelnePrace #force group = @pelnePrace and added sticky bit to files/directories would inherit the group ownership of the parent directory ("prace"). Although there is create mask and directory mask set to 0775, newly created directories get 775 but files 764 as you can see below: Code: root@ubuntu:/home/prace# ls -l total 12216 drwxrwsr-x 2 colo046 pelnePrace 4096 Nov 6 11:29 colo046 -rwxrw-r-- 1 colo046 pelnePrace 1905174 Nov 6 11:30 colo046.bmp -rwxrw-r-- 1 colo046 pelnePrace 7 Nov 6 11:29 colo046.txt Now user colo046 can't read any file and also can't open any directory owned by colo064. They are both in group pelnePrace.
Those bmp and txt files should not have executable bit (unless they are confusingly named executables) Directory, however, should have x to allow browsing the directory. And x replaced by s when directory group should be copied to files in that dir.
File .bmp is screenshot saved to .bmp and .txt is notepad file with some text. So files should have 664 and directories 775 in this case. These privileges are strange, because I set in smb.conf file: create mask = 0775 directory mask = 0775 so files and directories should have 775 but they didn't. And one more probably important thing. These .bmp and .txt files are created under win10 in samba share. Maybe I should use some umask or something. I have no idea now. PS Do you know how Samba gives privileges?
