[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Samba writes wrong file permissions

>> > Take a look at "testparm -sv | grep map".
>> Thanks. I'm  not familiar with "map hidden".  What does it mean?  Here it
>> is:
> I don't see the answer there.  Can you post
> your whole smb.conf, and your samba version?

I think we might be on the wrong track here.  I think that the Windows
client changes the file to world read/write/execute for all users and
groups, and this creates these permissions on the file on my debian

Is there any way that Samba can prevent these permissions from being
created? - I'd like to avoid world-writeable files on my system.

I think that "map hidden" refers to hidden files created on
DOS/Windows machines.
FYI here is my smb.conf:

   panic action = /usr/share/samba/panic-action %d
        workgroup = ONCOLOGY
        server string = %h server (Samba %v)
        encrypt passwords = true
   passdb backend = tdbsam
        obey pam restrictions = Yes
        passwd program = /usr/bin/passwd %u
        passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n .
        syslog = 0
        log file = /var/log/samba/log.%m
        max log size = 1000
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        dns proxy = No
        invalid users = root
        printing = cups
        printcap name = cups
        time server = yes
        dos filetimes = yes
        fake directory create times = yes
        dos filetime resolution = yes
        delete readonly = yes
# Added today:
        map hidden = Yes

        comment = Home Directories
        path = /home/%S/.doc
        read only = No
        create mask = 0700
        directory mask = 0700
        browseable = No
        comment = All Printers
        path = /tmp
        printable = Yes
        browseable = Yes
        path = /home/apache/files
        force user = www-data
        force group = www-data
        read only = No
        create mask = 0641
        force directory mode = 755
        guest ok = Yes

Reply to: