Bug 1077 - Word opens file as read-only (acl is Full Cont4rol)
Summary: Word opens file as read-only (acl is Full Cont4rol)
Status: RESOLVED INVALID
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: File Services (show other bugs)
Version: 3.0.2
Hardware: All Linux
: P3 major
Target Milestone: none
Assignee: Gerald (Jerry) Carter (dead mail address)
QA Contact:
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2004-02-13 17:10 UTC by Steven Blair
Modified: 2005-11-14 09:24 UTC (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Steven Blair 2004-02-13 17:10:44 UTC 
After upgrading to 3.0.2 with the same compile and build options as 3.0.1, users
could  only open MS Word docs as read-only when those docs were set with acl
perms for Full Control. Word docs could be edited prior to upgrade and after
reversion. Build options and smb.conf follow.

Word docs in question were located on "internal" share.

OS is RHES 3.0.

# build options
./configure \
--target i686 \
--enable-cups \
--with-smbmount \
--with-libsmbclient \
--with-acl-support \
--with-configdir=/usr/local/samba/etc

# smb.conf
[global]
	workgroup = XXXX
	netbios name = XXXX1
	server string = XXXX File Server
	map to guest = Bad User
	guest account = ftp
	invalid users = bin daemon adm sync shutdown halt mail news uucp operator
gopher wtuser
	veto files = /*.eml/*.nws/riched20.dll/*.{*}/
	log file = /usr/local/samba/var/log.%m
	log level = 1 
	max log size = 1000000
	socket options = TCP_NODELAY IPTOS_LOWDELAY IPTOS_THROUGHPUT SO_KEEPALIVE
	bind interfaces only = yes
	interfaces = eth1 127.0.0.1
	large readwrite = yes
	load printers = no

	os level = 65
	preferred master = yes
	domain master = yes
	local master = yes

	domain logons = yes
	logon path = \\%L\profiles\%u
	logon script = scripts\logon.cmd
	logon drive = H:
	logon home = \\%L\%u
	add machine script = /usr/sbin/useradd -d /dev/null -g machines -c 'Machine
Account' -s /bin/false -M %u

	security = user
	encrypt passwords = yes
	smb passwd file = /usr/local/samba/private/smbpasswd

	dns proxy = no
	remote announce = xxx.xxx.255.255
	wins support = no
	wins server = xxx.xxx.xxx.xx
	wins proxy = yes
	remote browse sync = xxx.xxx.xxx.xxx
	
	deadtime = 5
	keepalive = 30
	name resolve order = wins hosts lmhosts bcast
	hosts allow = xxx.xxx. 
	time server = yes

	printing = cups
	load printers = yes
	printcap name = cups
	
[printers]
	comment = All Printers
	path = /var/spool/samba
	browseable = no
	guest ok = yes
	printable = yes
	public = yes
	writeable = no
	printer admin = @ntadmin,root

[print$]
	comment = Printer Drivers
	path = /usr/local/samba/drivers
	browseable = yes
	guest ok = no
	read only = yes
	write list = @ntadmin,root

[netlogon]
	path = /usr/local/samba/netlogon
	read only = yes
	valid users = @users
	write list = @ntadmin

[profiles]
	path = /usr2/profiles
	writeable = yes
	create mask = 0600
	directory mask = 0700
	profile acls = yes
	csc policy = disable

[homes]
	path = /usr2/home/%u
	writeable = yes
	create mask = 0600
	directory mask = 0700
	browseable = no
	hide dot files = yes

[public]
	comment = XXXX Public on XXXX1
	path = /lv2/public
	read only = no
	create mask = 0664
	directory mask = 0775
	force group = users
	admin users = @ntadmin
	browseable = yes
	hide dot files = yes
	guest ok = yes
	
[read_only]
	comment = Read-Only on XXXX1
	path = /lv2/read_only
	read only = yes
	browseable = yes
	hide dot files = yes
	valid users = @users,@ntadmin
	admin users = @ntadmin
	create mask = 0644
	directory mask = 0755

[admin1]
	path = /lv1
	valid users = @ntadmin
	admin users = @ntadmin
	browseable = no
    create mask = 0666
    directory mask = 0777
	force group = users
	writeable = yes

[admin2]
	path = /lv2
	valid users = @ntadmin
	admin users = @ntadmin
	browseable = no
    create mask = 0666
    directory mask = 0777
	force group = users
	writeable = yes

[pdf]
    comment = PDF creator on XXXX1
    path = /usr2/pdf
    writeable = yes
    browseable = yes
    hide dot files = yes
    guest ok = yes

[procad]
	comment = Admin Share
	path = /lv2/procad
	admin users = @ntadmin
	write list = @ntadmin

[proposal]
	comment = Proposal share
	path = /lv2/proposal
	create mask = 0666
	directory mask = 0777
	admin users = @ntadmin
	valid users = @mti
	writeable = yes
	browseable = yes
	guest ok = no

[modchk]
	comment = ModelCHECK on LYNX1
	path = /usr2/modchk
	writeable = yes
	create mask = 0666
	directory mask = 0777
	force group = users
	admin users = @ntadmin
	browseable = no

[status]
	comment = IT Status Reports
	path = /usr2/status
	read only = yes
	write list = @ntadmin
	create mask = 0666
	directory mask = 0777
	browseable = no

[users]
	comment = User Directories
	path = /lv2/users
	valid users = @users
	admin users = @ntadmin
	read only = no
	browseable = yes
    create mask = 0664
    directory mask = 0775

[internal]
	comment = XXXX Internal
	path = /lv2/internal
	valid users = @users
	admin users = @ntadmin
	read only = no
	browseable = yes
	create mask = 0666
	directory mask = 0777

[xxxxxxxx]
	comment = XXXX XXXX Files
	path = /lv2/xxxxxxxx
	valid users = @rate
	admin users = @ntadmin
	read only = no
	browseable = no
	create mask = 0660
	directory mask = 0770
	force group = rate
Comment 1 Gerald (Jerry) Carter (dead mail address) 2004-03-18 06:27:59 UTC 
please attach a level 10 debug log.  Thanks.
Comment 2 Gerald (Jerry) Carter (dead mail address) 2004-04-22 20:20:30 UTC 
no feedback.  CLosing
Comment 3 Gerald (Jerry) Carter (dead mail address) 2005-11-14 09:24:18 UTC 
database cleanup