In 3.5.8, when a Linux client creates a new file, "force create mode" is not correctly applied. Using the same configuration, it works correctly in 3.5.7. Configuration: [data] comment = Data path = /shared/data valid users = @shared force user = shared force group = shared read only = No create mask = 0770 force create mode = 0660 directory mask = 0770 force directory mode = 0770 browseable = No force security mode = 0660 security mask = 0770 force directory security mode = 0770 directory security mask = 0770 Using the above configuration, when a Linux client creates a new file, it gets permissions of 640 instead of 660. In 3.5.7, it correctly gets permissions of 660. unix extensions is enabled by default. Client is using smbclient 3.5.8 and cifs-utils 4.9. The only cifs mount option used by the client is noatime. I have downgraded to 3.5.7 for now because of this issue.
Can you attach a wireshark trace of this activity from the client, as well as the associated debug level 10 log that show this please ? Thanks, Jeremy.
Has there been any progress on this one? I have the exact same problem on: Server: Slackware 13.1 - Samba 3.5.8 Client: Ubuntu 10.04 - Samba 3.4.7
Created attachment 6446 [details] Level 10 log of a "touch test" from the client I did a sequence of "touch test{1,2,3,..}" on the client; this log starts several seconds before and ends several seconds after the "touch". All touch commands result in a "Permission denied" error on the client. However, the file is created, but with mode 0646 instead of 0666. As you see, the "others" part of the mode is properly set, only group permissions seem broken.
@Jeremy Thank you for the email. I've now set "directory mask = 0000" and "force directory mode = 0000". New directories are now created with a mode of 020. So it appears that the group write bit is always set regardless of "directory mask" and "force directory mode" options. My guess is that "directory mask" isn't being applied correctly. If you need any further information, let me know.
After some further investigation it appears that the group write bit is coming from the client and not from the directory mask being incorrectly applied as I first thought. Testing with a Debian 6 client and libsmbclient-3.5.6 (via GNOME), the write bit isn't set. While on the same system using cifs-utils-4.5 the write bit is set. The server is running Gentoo with Samba 3.5.14.
I am observing the same problem here as in comment 4 concerning the group write bit. Using cifs-utils v. 5.0 (Ubuntu 11.10) on the client and samba 3.4.3 on the server (SLES 11 SP1). A good way to reproduce it is to 1) one the client open a terminal, set the umask to 0077 2) from the client create a file in a directory mounted as a samba share from the server (touch test): the permissions of the file are correct (0600) 3) write something to the file (echo > test): now the permissions are 0620 !)
The issue I described in comments 4 and 5 have been fixed in bug #8972.