I’m having an issue with a windows application that despite normal read/write access in windows explorer (windows 7 pro 64 bit), when the application tries to export files to the share I get an access denied error.
If I chmod -r 777 to the entire share the application can write to a directory, however if as a windows user I create a new folder, the disk access denied in the application export returns. Then I’m back to chmod -r 777 to temporarily fix.
On a private share the owner is correctly set but the application is denied access, on a public share when a folder is created via windows, it inherits ‘nobody’ user permission (i.e. the guest). Yes, the application doesn’t like this, and is denied disk access.
So, I’m looking at adding the following to /etc/samba/overall_share
create mask = 000
directory mask = 000
force create mode = 777 #permissions I want on all files
force directory mode = 777 #permissions I want on all directories
How woudl I add to
## BEGIN ## sharename = Public #
[Public]
path = /DataVolume/shares/Public
comment = Public Share
public = yes
browseable = yes
writable = yes
guest ok = yes
map read only = no
## END ##
## BEGIN ## sharename = Private #
[Private]
path = /shares/Private
comment = Private share
invalid users =
valid users = admin
read list =
write list = admin
map read only = no
## END ##
That must be a W7 Pro 64-bit thing. I noticed that if a file is copied to a share with WinSCP, later I can’t overwrite it from Windows but I can delete it and then copy the file. The group and ownership has changed but this doesn’t happen using W10TP.
I had this problem and used the below command as for some reason root was the owner of my share and the only one allowed to access it even though the dashboard showed my user account as having access.
chown -hR (username) /shares/xxxxx (where xxxxx is the share folder)
Both OP and you msut have had problems to do that. You never ever have do that as it compromises security.
this is the flow with Samba and Unix:
create a user, user will have a default group.
add user to samba database
as root create a share and make share owned by root (default) and nominate a group that can have access to that share and make the group owner of the share (NOT USER)
for each user modify them to belong to that nominated share as well.
anyuser that belongs to that share will be able to access it.
that is it, that is all is needed.
in WDmycloud case, they added an extra layer of security in the dashboard (some sort of database to control individual acess even if they belong to the same share). My guess is that creating many arbitrary groups is not useful in this case.
so they create a couple of groups (mostly “share” for all users). that is why all shares are owned by root and “shares”.
anything else you are compromising security of your box (if you care ).