Bug 9387 - force user setting not taking effect
Summary: force user setting not taking effect
Alias: None
Product: Samba 3.5
Classification: Unclassified
Component: File services (show other bugs)
Version: 3.5.6
Hardware: All Linux
: P5 normal
Target Milestone: ---
Assignee: Volker Lendecke
QA Contact: Samba QA Contact
Depends on:
Reported: 2012-11-12 15:28 UTC by John
Modified: 2012-11-25 13:49 UTC (History)
1 user (show)

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description John 2012-11-12 15:28:09 UTC
I am experiencing a situation where the "force user" setting on a share is not working as expected.  But it is only a problem when using the "tdbsam" passdb backend setting.  If I change that to use the "smbpasswd" backend (which contains the same username and password combinations) and leave all other configuration settings unchanged, then the "force user" setting works as expected, no problems.

When using the tdbsam backend, the file operations get performed (or denied) as the "nobody" user (actually, I have verified that it gets performed as whatever is configured for the "guest account" setting).  And I am NOT using "map to guest" while testing this.

My details are as follows:
Debian Linux 6.0.6
Debian Samba package: 2:3.5.6~dfsg-3squeeze8

Relevant global config:
     security = user
     # map to guest --- not using this
     passdb backend = tdbsam
     guest account = nobody
     invalid users = root

Example share definition:
        path = /something
        browseable = yes
        writeable = yes
        guest ok = no
        valid users = user1 user2 
        force user = user3
        create mask = 0775
        force create mode = 0775
        directory mask = 0775
Comment 1 Volker Lendecke 2012-11-25 13:49:49 UTC
Took your exact smb.conf (with path=/tmp). Ubuntu 12.04, pure ./autogen.sh; ./configure; make build of 3.5.6. Logged in with

smbclient // -Uuser1%asdf

did a "mkdir bla".

root@samba:~# ls -ld /tmp/bla
drwxrwxr-x 2 user3 user3 4096 Nov 25 13:48 /tmp/bla

To me this means force user worked in this environment. We need more information to pursue this further