Jamie Gruener
Dabbler
- Joined
- Jan 20, 2014
- Messages
- 18
I originally posted this in another thread, but at the recommendation of user anodos, I'm creating a new thread.
We have a FreeNAS 9.2.1.5-RELASE instance with several CIFS shares. Accessing and using these shares from Windows 7 clients works just fine, until we throw some CentOS boxes into the mix.
My client is a bare-bones CentOS 6.5 client. I did all of the tests with the original mount.cifs command (version 4.8.1) and then upgraded to the current version (6.4) and then re-ran the tests with the same results.
My mount command:
mount -t cifs //server/share /mnt/share/ -o username=my_username,uid=root,gid=root,domain=my_domain,sec=ntlmv2,cifsacl
First I just create a file and get the permissions:
[root@localhost share]# touch file1
[root@localhost share]# getcifsacl file1
REVISION:0x1
CONTROL:0x8004
OWNER:S-1-5-21-[my_domain_id]-3360
GROUP:S-1-5-21-[my_domain_id]-513
ACL:S-1-5-21-[my_domain_id]-3360:ALLOWED/0x0/FULL
ACL:S-1-5-21-[my_domain_id]-513:ALLOWED/0x0/FULL
Looks good!
Then I edit the file and get permissions again:
[root@localhost share]# vi file1 (added a couple of words then saved)
[root@localhost share]# getcifsacl file1
REVISION:0x1
CONTROL:0x8004
OWNER:S-1-5-21-[my_domain_id]-3360
GROUP:S-1-5-21-[my_domain_id]-513
ACL:S-1-5-21-[my_domain_id]-3360:DENIED/0x0/0x27
ACL:S-1-5-21-[my_domain_id]-3360:ALLOWED/0x0/FULL
ACL:S-1-5-21-[my_domain_id]-3360:ALLOWED/0x0/0x1e0198
ACL:S-1-5-21-[my_domain_id]-513:ALLOWED/0x0/0x1200af
ACL:S-1-1-0:ALLOWED/0x0/0x120088
What happened?! This also happens if I use vi to create the file (permissions are good on first save) and then edit (permissions are wrong).
Windows permissions also accurately reflect these permissions.
If I create files in Windows, the permissions are assigned as expected upon file creation and are not changed after files are edited and saved. Editing and saving a file in CentOS will change the permissions of a file that was originally created in Windows.
So, why are the permissions changing on the second write of a file?
I've tried using or not using uid, gid, noperm, cifsacl, though I haven't done every possible permutation.
Attached is the smb.conf file (renamed smb.conf.txt to get past the file type upload limitation).
Any thoughts of things to try?
We have a FreeNAS 9.2.1.5-RELASE instance with several CIFS shares. Accessing and using these shares from Windows 7 clients works just fine, until we throw some CentOS boxes into the mix.
My client is a bare-bones CentOS 6.5 client. I did all of the tests with the original mount.cifs command (version 4.8.1) and then upgraded to the current version (6.4) and then re-ran the tests with the same results.
My mount command:
mount -t cifs //server/share /mnt/share/ -o username=my_username,uid=root,gid=root,domain=my_domain,sec=ntlmv2,cifsacl
First I just create a file and get the permissions:
[root@localhost share]# touch file1
[root@localhost share]# getcifsacl file1
REVISION:0x1
CONTROL:0x8004
OWNER:S-1-5-21-[my_domain_id]-3360
GROUP:S-1-5-21-[my_domain_id]-513
ACL:S-1-5-21-[my_domain_id]-3360:ALLOWED/0x0/FULL
ACL:S-1-5-21-[my_domain_id]-513:ALLOWED/0x0/FULL
Looks good!
Then I edit the file and get permissions again:
[root@localhost share]# vi file1 (added a couple of words then saved)
[root@localhost share]# getcifsacl file1
REVISION:0x1
CONTROL:0x8004
OWNER:S-1-5-21-[my_domain_id]-3360
GROUP:S-1-5-21-[my_domain_id]-513
ACL:S-1-5-21-[my_domain_id]-3360:DENIED/0x0/0x27
ACL:S-1-5-21-[my_domain_id]-3360:ALLOWED/0x0/FULL
ACL:S-1-5-21-[my_domain_id]-3360:ALLOWED/0x0/0x1e0198
ACL:S-1-5-21-[my_domain_id]-513:ALLOWED/0x0/0x1200af
ACL:S-1-1-0:ALLOWED/0x0/0x120088
What happened?! This also happens if I use vi to create the file (permissions are good on first save) and then edit (permissions are wrong).
Windows permissions also accurately reflect these permissions.
If I create files in Windows, the permissions are assigned as expected upon file creation and are not changed after files are edited and saved. Editing and saving a file in CentOS will change the permissions of a file that was originally created in Windows.
So, why are the permissions changing on the second write of a file?
I've tried using or not using uid, gid, noperm, cifsacl, though I haven't done every possible permutation.
Attached is the smb.conf file (renamed smb.conf.txt to get past the file type upload limitation).
Any thoughts of things to try?
Attachments
Last edited: