# [SEMI-SOLVED][samba] I can't copy and execute files

## Bialy

I can upload and delete from M$ (XP Pro) client, but I can't copy, download and execute files.

I installed samba:

```
net-fs/samba

     Available versions:  3.0.36!t 3.0.37!t ~3.2.15!t ~3.3.9 ~3.4.3 {acl ads async automount caps cifsupcall client cups debug doc examples fam ipv6 kernel_linux ldap oav pam python quotas readline selinux server swat syslog winbind}

     Installed versions:  3.0.37!t(12:51:27 05.11.2009)(kernel_linux oav pam readline -acl -ads -async -automount -caps -cups -debug -doc -examples -fam -ipv6 -ldap -python -quotas -selinux -swat -syslog -winbind)
```

On server:

```
Portage 2.1.6.13 (hardened/linux/x86, gcc-4.3.4, glibc-2.9_p20081201-r2, 2.6.28-hardened-r7 i686)

=================================================================

System uname: Linux-2.6.28-hardened-r7-i686-VIA_Samuel_2-with-gentoo-1.12.13

Timestamp of tree: Thu, 19 Nov 2009 03:20:01 +0000

app-shells/bash:     4.0_p28

dev-lang/python:     2.6.2-r1

sys-apps/baselayout: 1.12.13

sys-apps/sandbox:    1.6-r2

sys-devel/autoconf:  2.63-r1

sys-devel/automake:  1.10.2

sys-devel/binutils:  2.18-r3

sys-devel/gcc-config: 1.4.1

sys-devel/libtool:   2.2.6a

virtual/os-headers:  2.6.27-r2

ACCEPT_KEYWORDS="x86"

CBUILD="i586-pc-linux-gnu"

CFLAGS="-O2 -march=c3 -mmmx -m3dnow -s -pipe -fomit-frame-pointer"

CHOST="i586-pc-linux-gnu"

CONFIG_PROTECT="/etc /var/bind"

CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/udev/rules.d"

CXXFLAGS="-O2 -march=c3 -mmmx -m3dnow -s -pipe -fomit-frame-pointer"

DISTDIR="/usr/portage/distfiles"

FEATURES="collision-protect distlocks fixpackages parallel-fetch protect-owned sandbox sfperms strict unmerge-orphans userfetch"

GENTOO_MIRRORS="http://gentoo.po.opole.pl "

LANG="pl_PL.UTF-8"

LC_ALL="pl_PL.UTF-8"

LDFLAGS="-Wl,-O1"

LINGUAS="pl"

MAKEOPTS="-j2"

PKGDIR="/usr/portage/packages"

PORTAGE_CONFIGROOT="/"

PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"

PORTAGE_TMPDIR="/var/tmp"

PORTDIR="/usr/portage"

SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage"

USE="3dnow acpi apache2 berkdb bzip2 clamav cli cracklib crypt ctype dri hardened iconv imap libwww logrotate madwifi maildir mmx modules mudflap mysql ncurses nls nptl nptlonly openmp pam pcre pdo perl php pic pppd python readline reflection sasl sdl session slang spl sqlite ssl sysfs szip tcpd truetype unicode urandom x86 xorg zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1      emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m    maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="pl" USERLAND="GNU" VIDEO_CARDS="apm ark chips cirrus cyrix dummy fbdev glint i128 i740 imstt intel   mach64 mga neomagic nsc nv r128 radeon rendition s3 s3virge savage      siliconmotion sis sisusb tdfx tga trident tseng v4l vesa vga via vmware     voodoo"

Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY
```

smb.conf:

```
[global]

    max disk size = 204800

    log file = /var/log/samba/%I.log

    dont descend = /dev,/proc,/root,/stand,/bin,/dist,/etc,/lkm,/mnt,/sbin,/sys,/usr

    read raw = yes

    write raw = yes

    max log size = 50

    socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

    getwd cache = yes

    write cache size = 65536

    debug level = 2

    debug timestamp = no

    timestamp logs = yes

    bind interfaces only = yes

    interfaces = lo ath0

    hosts allow = 127.0.0.1, 192.168.1.0/25

    preserve case = yes

    short preserve case = yes

    hide dot files = yes

    security = user

    character set = UTF-8

    client code page = 852

    guest ok = no

    browseable = yes

    create mode = 0777

    dos file times = yes

    workgroup = workgroup

    dead time = 2880

    keep alive = 2880

    max open files = 50

    encrypt passwords = yes

    null passwords = no

    vfs object = vscan-clamav

    vscan-clamav: config-file = /etc/samba/vscan-clamav.conf

[dane]

    path = /home/samba

    volume = users

    comment = dane

    browseable = yes

    create mode = 0777

    directory mode = 0777

    write list = @users

    oplocks = yes

    level2 oplocks = yes

    writable = yes

[home]

    path = /home/%u

    comment = home

    browseable = no

    create mode = 0700

    directory mode = 0700

    write list = @users

    oplocks = yes

    level2 oplocks = yes

    public = no

    writable = yes

    volume = users

    write list = @users
```

All files have rwx (777) permissions.

Somebody can help me?Last edited by Bialy on Sat Nov 21, 2009 10:57 am; edited 2 times in total

----------

## honp

Check filesystem permissions on /home/samba.

----------

## Bialy

 *honp wrote:*   

> Check filesystem permissions on /home/samba.

  *Bialy wrote:*   

> All files have rwx (777) permissions.

 

```
drwxrwxrwx 5 apache users 4096 11-19 11:45 .

drwxr-xr-x 7 root   root  4096 11-16 09:42 ..

drwxrwxrwx 2 apache users 4096 11-20 22:34 folder1

drwxrwxrwx 2 apache users 4096 11-19 18:48 folder2

drwxrwxrwx 3 apache users 4096 11-18 12:14 folder3
```

I connect to shares with $USER:

```
grep $USER /etc/group

users::100:$USER
```

Where $USER is my... user  :Wink: 

When I was logged on server (on my $USER), I try copy file from folder2 to another location (/home/$USER) and I can do this  :Twisted Evil: 

----------

## honp

Hm, i have to say that i dont understand what do you mean and with your username $USER i am confused even more:) Can you specify your problem once more?

----------

## Bialy

Yes,

When I'm logged on server with my user, I can copy (via mc or cp) files for example from /home/samba/folder2 to home directory (/home/user),

but when I connect to server from M$ via samba, then I can not download, copy and execute any files (I can upload and delete files only).

----------

## honp

Ok, than create some files from winXP on you samba server, there switch there as your user and

cd /home/samba/

ls -la

and write what does it say.

----------

## Bialy

```
ls -la /home/samba/

-rwxrw-rw- 1 user  users    0 11-21 00:21 test.txt
```

When I upload new file (empty) on server, then I can edit him (add one word) and save, but after I can not open him (I got error - access denied).

When I upload new file (with text inside) and I try open/edit him I got access denied.

Permission don't change.

----------

## honp

Try add 

public = yes

 to 

[dane]

and tell me.

----------

## Bialy

All time I have this same situation.

----------

## aidanjt

If I were you, I'd nuke your smb.conf, copy the default over, and start again.  This time make file and directory masks 0775 and force group to @users.  Change FS file permissions accordingly.  Also, for sharing /home/${user} all you need is:

```
[homes]

   comment = Home Directories

   browseable = no

   writable = yes
```

Even the browsable part can be struck out if you have browsable = no in the main defaults section of the file (I don't).

And this is my shared share for e.g.:

```
[Public]

        comment = Public Share

        path = /pub

        write list = @users

        public = yes

        writable = yes

        create mask = 0664

        directory mask = 0775

        force group = users
```

I don't bother with making files executable because the user account I typically use with Windows isn't administrative, and I couldn't be bothered doing the whole Administrator/root mapping thing.

----------

## honp

Yes, and i have forgoten to tell you: LOGS.  :Smile: 

----------

## Bialy

 *AidanJT wrote:*   

> And this is my shared share for e.g.:
> 
> ```
> [Public]
> 
> ...

 I add your e.g. to my smb.conf and I still don't have permission to download. *AidanJT wrote:*   

> I don't bother with making files executable because the user account I typically use with Windows isn't administrative, and I couldn't be bothered doing the whole Administrator/root mapping thing.

 I use samba on my private (home) server. Sometimes I need execute files (for e.g. when I have on samba drivers for Windows, etc.). *AidanJT wrote:*   

> If I were you, I'd nuke your smb.conf, copy the default over, and start again.

 

It's works  :Laughing: 

I have made new smb.conf and now I can upload, download, delete and execute files  :Exclamation: 

Thank you very much  :Razz: 

PS. Sorry for my English  :Embarassed: 

--EDIT--

I have made some tests and when I add this line to smb.conf:

```
vfs object = vscan-clamav

    vscan-clamav: config-file = /etc/samba/vscan-clamav.conf
```

then I can not download.

It's very strange, because I use this how to.

----------

