Re: Samba: smbfs works, cifs does not

[Joe Barnett <joe.barnett@xxxxxxxx>]

James Wilkinson wrote:
> Joe Barnett wrote:
> > Server config: OpenBSD 3.8 using Samba 3.0.13p0 from ports
> >
> > Workstation(s): FC5 and FC4
> >
> > When using cifs (FC4 and 5) the resources will mount but I do not have access 
> > to the directories.  When using smbfs (FC4) I *do* have access to the 
> > directories.  However, root (on the workstation/cifs/FC4 and 5) has all the 
> > expected access to the same directories.  The directories in question
> > are users homes, and on the server they are given tight permissions
> > (0700).
> >
> > The directories are mounted at startup:
> >
> > mount -t cifs //some/share /mnt/share -o 
> > rw,user=joe,password=xxxxxxx,uid=joe,gid=joe
> >
> > (all on a single line...)
>
> man mount.cifs says, for both uid and gid:
>     This parameter is ignored when the target server supports the CIFS
>     Unix extensions.
>
> So what are these CIFS Unix extensions?
>
> Basically, they allow CIFS (initially designed around DOS/Windows-type
> filesharing) to handle Unix stuff like device nodes, symlinks, inode
> numbers, and group and user IDs. And yes, both Linux 2.6 (as a client)
> and recent Samba support these.
>
> I suspect that you're running into issues where the UID *numbers* are
> different on the server and on the clients. Unfortunately, there doesn't
> seem to be an easy way around changing the UID numbers on the client...
>
> You may want to look again at integrated logins using something like
> LDAP.
>
> This is a reasonable starting point for more information:
> http://sambaxp.org/uploads/media/08-Jeremy_Allison_-_CIFS_to_the_Desktop.pdf
>
> Hope this helps,
>
> James.

This problem has taken some time to be solved, but I found the 
answer in a related post just a few days ago (I apologize, I did not 
keep that particular piece of mail...).  The solution, in my case, 
is to set "unix extensions = no" in smb.conf.

In this case, as it is a mixed network (BSD, Linux, and (mostly) 
Windows workstations), trying to maintain unix-like permissions 
would prove difficult at best -- so this is acceptable.  Ownership 
provides a minimum of protection to keep non-owners from deleting 
files from public shares, and that is about all that is needed. 
Otherwise, personal directories and such are used primarily for 
workstation backup (with those directories being 0700 on the server).

From what I can tell, uid and gid had no effect on behaviour -- for 
me they match between my workstation and server, though for other 
users they do not (I administer the servers...), but the behaviour 
has been consistent for all users.

Thanks,

Joe