This has been reported by a Debian user, then later confirmed by another: First user, John Goerzen: We are running Samba 3.0.23c on Debian. Over the weekend, we updated out file server to Debian's kernel 2.6.18. We had previously never run a kernel with ACL support enabled. Since the upgrade, we are seeing very strange permission behavior. It appears to berelated to POSIX ACL support in Samba. It seems that what's happening is this. We have a number of files that are user/group writable (permissions 0664). When a user that is someone other than the Unix owner of the file writes to it, the permissions switch to 0474 (-r--rwxr--) and an ACL is added with this second user getting read/write permission to it. Unfortunately, the Unix owner of the file now is locked out of writing to it. We never had any problem with permissions on these files before using the ACL-enabled kernel. Second user, Geoff Crompton: I'm also having this problem. Package: samba Version: 3.0.14a-3sarge2 in my case, using ext3: /dev/sda2 on /var/local type ext3 (rw,noatime,acl,user_xattr) I've got the following global samba settings: inherit acls = yes ea support = yes map acl inherit = yes nt acl support = yes And for that share I've got the following share specific settings: [company] comment = Company Files path = /var/local/company guest ok = No browseable = Yes read only = No valid users = @users, root invalid users = dataentry directory mask = 0775 create mask = 0775 force group = users admin users = root nt acl support = yes I can confirm that I get the same weird behaviour, ie what John Goersen said: > When a user that is someone other than the Unix owner of the file > writes to it, the permissions switch to 0474 (-r--rwxr--) and an ACL > is added with this second user getting read/write permission to it.
Another comment from the second user reporting the bug: My tests show that this problem has occured with excel 2003, and word 2003, but not with just a text file and using notepad. It might be related to https://bugzilla.samba.org/show_bug.cgi?id=1094. I'm unclear from that bug report if the solution was found, or not.
Created attachment 2252 [details] Level 10 log file Our user sent us a level 10 log file of his server when he experinced the problem
User's comment about the logfile I just sent: Hi Christian, I tried to email you the file, but even when bzipped it was too large for the debian servers. So you can download it from here for the next 10 days: http://ft.strategicdata.com.au/download.cgi?dl=VboYF1rrrd I've tried to highlight when things happened, hope thats helpful. The line numbers may only be a guide though, I don't really know what will be useful in the log file. Before test, temp/Test_Sharing.xls had -rwxrw-r-- 8:41:07, line 30909 testuser2 opened an existing file temp/Test_Sharing.xls. 8:41:13, line 40678 testuser2 Modified and saved file succesfully. Excel however showed the message "The document was saved successfully, but Excel cannot re-open it because of a sharing violation. Please close the document and try to open it again." File permissions are now -r--rwxr--+, and getfacl shows: # file: Test_Sharing.xls # owner: testuser2 # group: users user::r-- user:testuser1:rwx group::r-- mask::rwx other::r-- 8:42 line 236239 testuser2 opened file, but couldn't save it, opened readonly 8:43 line 406609 tesuser1 opened file, but couldn't save it, opened readonly -- Geoff Crompton Debian System Administrator Strategic Data +61 3 9340 9000
Yet another user comment: I've also just ran a test where I tried this on a share that has "nt acl support = no". I didn't have any problems in this case. So this might be an effective work around for my system.
. (don't worry, just a test I need on own of my bugs. Sorry for the noise)
the bug report was for 3.0.23c. I am pretty sure that this is not an issue in recent samba versions any more. If you can reproduce it with latest samba 4 releases, please reopen.