我遇到一个问题,即使用 Linux 客户端在 samba 共享上未强制执行权限位。我在服务器上配置了 samba 以强制特定用户、组和权限位,并且这会按预期工作,直到我触摸该文件或它成为 IO 重定向的目标。
这是发生的事情:
user@linuxbox:~-->ls -l ~/archive/foo.txt
ls: cannot access /home/user/archive/foo.txt: No such file or directory
user@linuxbox:~-->touch ~/archive/foo.txt
user@linuxbox:~-->ls -l ~/archive/foo.txt
-rw-rw-r-- 1 archive archive 0 2010-09-13 20:29 /home/user/archive/foo.txt
user@linuxbox:~-->touch ~/archive/foo.txt
user@linuxbox:~-->ls -l ~/archive/foo.txt
-rwxrwxrwx 1 archive archive 0 2010-09-13 20:30 /home/user/archive/foo.txt
请注意,当我触摸现有文件时,其权限位是 0777。它们应该是 0664,就像第一次创建时一样。如何对现有文件强制执行 0664?
我在服务器上有版本 3.0.24,在客户端上有版本 3.4.7。这是我的 smb.conf:
[global]
interfaces = egiga0
unix charset = UTF8
workgroup = workgroup
netbios name = foo
server string = Foo
security = USER
map to guest = bad user
host msdfs = no
encrypt passwords = yes
[archive]
comment = File Archive
path = /home/archive
force user = archive
force group = archive
read only = yes
write list = @archive
guest ok = yes
create mask = 0
force create mode = 0664
security mask = 0
force security mode = 0664
directory mask = 0
force directory mode = 0775
directory security mask = 0
force directory security mode = 0775
答案1
samba 权限仅适用于 SMB(即 Windows)网络客户端。如果您想在服务器(以及任何 NFS 客户端)上强制执行此操作,您需要在所有目录上设置粘滞位。
首先更正那里的文件:
chown -R archive /home/archive
chgrp -R archive /home/archive
find /home/archive -type d -exec chmod 0775 {} \;
find /home/archive -type f -exec chmod 0664 {} \;
然后使用组粘性位强制执行此操作
find /home/archive -type d -exec chmod g+s {} \;
这虽然不是绝对正确的,但确实解决了 99% 的此类问题。
问候戴夫F
我的 Solaris 盒子上的结果:
davef@dalek[10]$ cd /proj/ftptmp
davef@dalek[11]$ ls -ld .
drwxrwsr-x 60 root ftpusers 377 Oct 5 09:31 ./
davef@dalek[12]$
davef@dalek[12]$ ls -l foo.txt
foo.txt: No such file or directory
davef@dalek[13]$ touch foo.txt
davef@dalek[14]$ ls -l foo.txt
-rw-rw-r-- 1 davef ftpusers 0 Oct 15 11:49 foo.txt
davef@dalek[15]$ touch foo.txt
davef@dalek[16]$ ls -l foo.txt
-rw-rw-r-- 1 davef ftpusers 0 Oct 15 11:49 foo.txt
davef@dalek[17]$
davef@dalek[17]$ umask
2
davef@dalek[18]$