[olug] Samba rant and request for feedback
dbw
lug at robotz.com
Wed Feb 28 19:39:03 UTC 2001
I am using roaming profiles. I am still having problems with file
permissions. Here is a snippet of my smb.conf file:
[G]
comment = Greensheets
path = /home/share/G_Greensheets
read only = No
create mask = 0777
force create mode = 0777
guest ok = Yes
Note the create mask value of 0777. Yet, when an smb user creates
a file on the G share, it saves with incorrect file permissions.
The incorrect permissions allows other users to VIEW the file but
not MODIFY and SAVE the file.
Office users are members of a group defined as "users" and the group
permission must be set to allow all members of the "users" group
to read, modify, and save their work (usually excel spreadsheets).
Sometimes it works correctly and saves the newly created file as
it should, such as in this example:
-rwxrwxrwx 1 shari users 13824 Feb 28 13:51 test.xls
And sometimes it does not. The same user on the same drive at other
times it will save with incorrect file permissions such as:
-rwxr-xr-x 1 shari users 13824 Feb 28 13:51 test.xls
All directories are set to 0777 and each office user is a member
of the group "users".
The odd thing is how it works part of the time, such as today when
I test it. However, at other times it does not work (this is when
they call me at home because they can not save their excel).
Did I use 'force create mode' correctly? Is there something else?
Thank you!
-Derek
At Thursday, 8 February 2001, you wrote:
>Hi Derek,
>
> I guess you havent looked at the samba team membership lately,
cause
>you'll see my name ;-) ( Or you have, that's why you are asking
this in an
>"around the bush" way :) In any event, I have setup/used samba
in 100+ user
>environments ( yes, as a NT-PDC ) and It work's great, yes there
are a few
>pitfalls with the NT-acl issues ( file perm changing etc.. ) these are
>mostly due to nt-acl not being inline with the posix semantics.
etc.. etc..
>etc... ( I could go on for day's ) Anyway's , post your config
somewhere
>and we call all take a look at it and go from there. now, I am under
the
>impression you are using roaming profiles, as you've stated they get
>corrupt.. etc... do you have the logon path setup or are the profiles
being
>written to the user's home directory? also, you've mentioned you
where using
>`create mask 0777` on one of your shares, I have _always_ had issue
with
>this in large user environments ( ideally you'd want to use the `force
>create mode` instead ( remember, `create mask` bit-wise and's the
>permision's with what the client is requesting to save the file
as ) the not
>being able to logon sound like permision issue's as well ( file
that is )
>weird thing's happen when window's messes up the profile some way,
etc... so
>sure, post the config and we'll go from there.
>
>----- Original Message -----
>From: "dbw" <lug at robotz.com>
>To: <olug at bstc.net>
>Sent: Thursday, February 08, 2001 6:12 PM
>Subject: [olug] Samba rant and request for feedback
>
>> Concerning Samba.
>>
>> I am using Samba as 1)pdc for an NT network -w- all clients being
>> NT Workstation 4.0 and 2) office file server 3) NT user authentication
>> to the NT domain (which is Samba).
>>
>> Both at home and at work I am using a Linux Samba driven network
>> server in very similar ways. The primary difference is that the
>> number of users on my company's home office LAN is greater (10 or
>> more during a given work day) than the users on my home network (my
>> wife and I, and sometimes a third computer when we have a guest over
>> for Quake).
>>
>> Getting right to the point, I haven't really had any problems on
>> my home LAN using Samba. It works great and is a much better value
>> as compared to buying a licensed copy of NT server for use at my
>> home. At home all the client pc's are either Linux or win98 and
>> I use NT domain authentication. My wife and I are reasonably careful
>> that we always log off properly and the setup-using Samba seems
reasonably
>> trouble free. I have had this arrangement for nearly two years now
>> using Slackware and Redhat and two different versions of Samba.
>>
>> The office is an entirely different matter. Nothing but trouble!
>> I thought that Samba worked so great on my home LAN that it would
>> be a blessing at work. The idea of getting rid of NT server and
>> working in an environment I enjoyed, ie Linux, would complement that
>> which I read about Samba being far more stable and easier to manage
>> compared to an NT domain server.
>>
>> At least one office user's profile is corrupted a week. Usually
>> because that individual did not log off properly or something, but
>> still it seems quite fragile.
>>
>> Using 'create mask = 0777' for example, at home, works fine, On
>> the office LAN files are created so that the group permission do
>> now allow write access. So when one of the office staff tries to
>> modify a file created on the public drive by another member of the
>> office staff, they cannot save. There are no directory redundancies
>> or syntactical errors to explain this behavior. All users are
members
>> of the 'user' group. Because my configuration at the office so
closely
>> resembles the configuration at home, there should not be a problem;
>> given that it has always worked fine at home.
>>
>> Today for no apparent reason the Samba box will not allow half of
>> my office users to log in. Files that appear on the file system
>> under the Linux server itself are invisible to the network neighborhood
>> browser on the winNT workstations. When Shari and Jamie log in all
>> of their desktop icons are missing and they cannot access msie.
>> Yet Tanya's login and desktop is fine. Keeping in mind that no one
>> touches this server and that it is in a secure area + is not on the
>> Internet at all to be exploited, I can find no reasonable explanation
>> for all of these problems that have continuously plagued my office
>> installation of a Samba file server. After all, I went with Samba
>> over NT because I have so little free time to baby-sit these servers,
>> I wanted something closer to the idealistic "maintenance free"
concept.
>>
>>
>> I'm a big advocate of Samba and I understand quite well the server
>> message block protocol from my days as a MS NT network admin at
Inacom.
>> I want to prove to all of my old NT zealot colleagues that Linux
>> can do the same thing and do it better thanks to free and open source
>> technologies like Samba, but right now I am pulling my hair out and
>> I have an office full of people that are ready to throw me under
>> a bus and run over me.
>>
>> Other than being a rant, I am interested in hearing feedback from
>> people that ARE using Samba in a WORK / COMMERCIAL environment to
>> serve office staff of no fewer than 10 people. Also, it would be
>> additionally interesting to hear that it is being used as a pdc for
>> an NT domain and NT network user authentication. I am interested
>> in knowing how well it is working for "you" and how many problems
>> you are having.
>>
>> My overall analysis will help me to decide if I want to keep going
>> with Samba or go back to NT server 4.0 sp6a blah blah, which I really
>> hate even thinking about. :o) But d at mn I am so frustrated right now,
>> and the thought of having to go into work tomorrow during this icy
>> crap when I could have otherwise worked from home further frustrated
>> me with Samba.
>>
>> There may be things that I am overlooking or doing incorrectly.
>> However, and no offence to anyone, they won't be third grade level
>> - easy to point out mistakes but there might be something concerning
>> the use of the Samba box as a primary NT domain controller or
something
>> that I am. I know that there are a lot of brilliant individuals
>> in this group, so I am eager to receive feedback.
>>
>> Also, I have so little time to continue to baby-sit this project.
>> Anyone that is thoroughly familiar with Samba and server message
>> block; if you would please contract me if you are interested in doing
>> some contract work in Lincoln. Basically, getting this thing up and
>> running once and for all and/or pointing out to me what I am missing
>> I would very much appreciate hearing from you. I don't simply want
>> to re-install and start from scratch, I want to learn what I am
possibly
>> doing wrong OR conclude once and for all that *gasp* Samba is too
>> immature in its development at this time to serve my needs.
>>
>> My samba is version 2.0.6 : and yes I do plan to upgrade to the
latest
>> to see if that fixes my problem. I have no Win2000 pc's on my LAN
>> at this time nor do I have any plans to in the near future. Maybe
>> the upgrade is all I need to do, what do you think?
>>
>> -end of rant-
>>
>> -Derek
>>
>> ps: Adam at AIM who spoke after Jason during the OLUG meeting, I
>> lost your b-card, could you please email me your name and contact
>> information. Thank you!
>>
>>
>>
>> ______ __ _ ________________________________________
>> _____ / / (_)__ __ ____ __ ___
>> ____ / /__/ / _ \/ // /\ \/ / commando at robotz.com ___
>> ___ /____/_/_//_/\_,_/ /_/\_\ _________________________
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: olug-unsubscribe at bstc.net
>> For additional commands, e-mail: olug-help at bstc.net
>>
>>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: olug-unsubscribe at bstc.net
>For additional commands, e-mail: olug-help at bstc.net
>
---------------------------------------------------------------------
To unsubscribe, e-mail: olug-unsubscribe at bstc.net
For additional commands, e-mail: olug-help at bstc.net
More information about the OLUG
mailing list