Client: Windows XP Samba Server: SuSE Linux 10.0 (samba3.0.23c-12.1.37) Installed programs: libsmbclient 3.0.23c samba 3.0.23c-12.1.37 samba-client 3.0.23c yast2-samba-client 2.12.4 yast2-samba-server 2.12.8 Note: winbind is not installed. <<START SMB.CONF>> [global] workgroup = tames printing = cups printcap name = cups printcap cache time = 750 cups options = raw printer admin = @ntadmin, root, administrator username map = /etc/samba/smbusers map to guest = Bad User include = /etc/samba/dhcp.conf logon path = \\%L\profiles\.msprofile logon home = \\%L\%U\.9xprofile logon drive = P: security = user encrypt passwords = yes #passdb backend = ldap idmap suffix = ou=Idmap ldap machine suffix = ou=Computers netbios name = tames01 ldap suffix = dc=example,dc=com [homes] comment = Home Directories valid users = %S browseable = no read only = no inherit acls = yes create mask = 0660 directory mask = 0770 [aods] # comment = aods program files path = /opt/aods read only = no browseable = yes create mask = 0660 directory mask = 0770 [web] # comment = Apache2 web files path = /srv/www read only = no browseable = yes create mask = 0664 directory mask = 0775 <<END SMB.CONF>> PROBLEM: user1 and user2 in group1. client logged into server through samba as user1. file owned by user2. #chmod 440 /opt/aods/php/mainmenu.php #ls -l /opt/aods/php/mainmenu.php -r--r----- 1 user2 group1 870 Oct 30 11:46 mainmenu.php <<from terminal, user1 cannot write to mainmenu.php>> <<from samba, ro flag set, user1 cannot write to mainmenu.php>> #chmod 460 /opt/aods/php/mainmenu.php #ls -l /opt/aods/php/mainmenu.php -r--rw---- 1 user2 group1 870 Oct 30 11:46 mainmenu.php <<from terminal, user1 can write to mainmenu.php>> <<from samba, ro flag set, user1 cannot write to mainmenu.php>> #chmod 640 /opt/aods/php/mainmenu.php #ls -l /opt/aods/php/mainmenu.php -rw-r----- 1 user2 group1 870 Oct 30 11:46 mainmenu.php <<from terminal, user1 cannot write to mainmenu.php>> <<from samba, ro flag not set, user1 cannot write to mainmenu.php>> #chmod 660 /opt/aods/php/mainmenu.php #ls -l /opt/aods/php/mainmenu.php -rw-rw---- 1 user2 group1 870 Oct 30 11:46 mainmenu.php <<from terminal, user1 can write to mainmenu.php>> <<from samba, ro flag not set, user1 can write to mainmenu.php>> As you can see, the samba server is not checking the group permission bit when setting whether mainmenu.php is read-only. I have not tested this with the "other" permission bit.
Sorry, just found out about the "map read only = Permissions" option in smb.conf. Apparently this behavior is by design, and not a bug. Sorry about the confusion...