AnswerBun.com

Samba shared folder with setgid problem

Unix & Linux Asked by alex.forencich on December 24, 2020

I am setting up a file server with a shared directory. Inside, there are per-user folders that are readable by any user and a shared directory that is readable and writeable by any user. The per-user folders are simple enough. However, I am having some issues with the shared folder. I performed the standard procedure for making a set GID folder:

# chown root shared
# chmod -R ug+rwX shared
# chgrp -R users shared
# find shared -type d -exec chmod g+s "{}" ;
# find shared -type d -exec setfacl -m "default:group::rwx" "{}" ;

After ensuring all users are in the ‘users’ group, this works perfectly via direct console login, ssh, rsync, etc. However, there are some issues with samba.

With the default samba config, the SGID bit and GID are propagated, but new files and folders do not have the group write bit set. This appears to be because the ACL is being ignored. According to Samba Ignoring POSIX ACLs, the solution is to add vfs objects = acl_xattr to smb.conf. When I set that, the group write permission is correctly set. However, the group is then set to the user’s primary group instead of the group of the parent directory, which rather defeats the purpose of the set GID bit. I tried the other smb.conf adjustments noted in the link (map acl inherit = yes, store dos attributes = yes, and inherit acls = yes), but these had no effect. What’s the proper way to make this work?

One Answer

To set group, user and permissions for new files and folders, I use this config on the server (in smb.conf):

[shared-folder]
   writeable = yes
   force user  = "user"
   force group = "users"
   create mask = 0664
   force create mode = 0664
   directory mask = 0775
   force directory mode = 0755

You could handle the common folder this way, through a separate shared folder.

Note: as pointed out in the comments, this setup may not be compatible with ACLs. I would recommend doing this only if you are going to rely on UNIX permissions only.

Answered by simlev on December 24, 2020

Add your own answers!

Related Questions

End process but resume bash script?

0  Asked on November 14, 2021 by jethr0

       

Old 2004 FreeBSD Box & SSH

2  Asked on November 14, 2021 by prog9910

   

How can I configure Yast to switch languages completely?

2  Asked on November 11, 2021 by andrew-j-brehm

       

How to copy files from one machine to another using ssh

10  Asked on November 11, 2021 by user3021349

   

systemctl command not working in RHEL 6

3  Asked on November 11, 2021 by ranjan-kumar

     

Create reusable functions bash

1  Asked on November 11, 2021 by hdev007

   

OS doesn’t see newly installed SSD (SATA)

0  Asked on November 11, 2021 by k1npatsu

         

Ask a Question

Get help from others!

© 2022 AnswerBun.com. All rights reserved. Sites we Love: PCI Database, MenuIva, UKBizDB, Menu Kuliner, Sharing RPP