Bug 10769 - force user parameter lead to permission denied
force user parameter lead to permission denied
Status: NEW
Product: Samba 4.1 and newer
Classification: Unclassified
Component: File services
x64 All
: P5 major
: ---
Assigned To: Samba QA Contact
Samba QA Contact
Depends on:
  Show dependency treegraph
Reported: 2014-08-14 13:30 UTC by Bruno MACADRE
Modified: 2018-12-11 17:05 UTC (History)
1 user (show)

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Bruno MACADRE 2014-08-14 13:30:08 UTC

After some researches, it appears that the 'force user' parameter was bugged in Samba 4.1.11/ I explain :

I've a share configured like this :
    Path = /Share/Admins
    Force user = administrator
    Force group = "domain admins"
    Create mask = 0750
    Directory mask = 0750
    Read only = No
    Oplocks = Yes

If I mount this share on a linux client (not member of the domain) :
# mount -t cifs -ousername=administrator //fileserv/Admins FOO

It works and an 'ls -l' reply:
total 4
drwxr-x--- 5 10500 50512    0 août  12 14:32 .
drwx------ 5 root  root  4096 août   4 09:18 ..
drwxr-x--- 4 10500 50512    0 août  12 14:33 Linux
drwxr-x--- 6 10500 50512    0 août   7 17:27 Windows

10500 is the UID of user "administrator" and 50512 is the GID of group "domain Admins"

If I do a 'touch FOO/bar' I get a Permission Denied. I get the same behaviour on a Win7 client (member of the domain).

If I comment the "force user" parameter (and restart SAMBA), the touch above works great (on Win7 too).

If I uncomment again the 'force user' parameter and try to remove the file 'bar' => "Permission Denied"

It's really obvious....