# Samba - can not delete files, most of the times

## costel78

I didn't use samba for some time and now, when I need it, there are some strange issues.

Most of the time, I can copy or edit files, but I can not delete them from Windows.

Directly on Gentoo, as costel, I can delete files without issues.

Current samba version and flags:

```
[ebuild   R    ] net-fs/samba-4.14.4::gentoo  USE="acl pam regedit system-mitkrb5 systemd -addc -addns -ads -ceph -client -cluster -cups -debug (-dmapi) (-fam) -glusterfs -gpg -iprint -json -ldap -ntvfs -profiling-data -python -quota (-selinux) -snapper -spotlight -syslog (-system-heimdal) (-test) -winbind -zeroconf" PYTHON_SINGLE_TARGET="python3_9 -python3_7 -python3_8" 0 KiB
```

Current config file (with many tries and error stuff)

```
[global]

# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH

   workgroup = CWebMini

# server string is the equivalent of the NT Description field

   server string = Samba Server Mini

# Security mode. Defines in which mode Samba will operate. Possible

# values are share, user, server, domain and ads. Most people will want

# user level security. See the Samba-HOWTO-Collection for details.

   security = user

# This option is important for security. It allows you to restrict

# connections to machines which are on your local network. The

# following example restricts access to two C class networks and

# the "loopback" interface. For more examples of the syntax see

# the smb.conf man page

   hosts allow = 10.78.78. 127.

# If you want to automatically load your printer list rather

# than setting them up individually then you'll need this

   load printers = yes

# this tells Samba to use a separate log file for each machine

# that connects

   log file = /var/log/samba/log.%m

# Put a capping on the size of the log files (in Kb).

   max log size = 1024

# Configure Samba to use multiple interfaces

# If you have multiple network interfaces then you must list them

# here. See the man page for details.

   bind interfaces only = yes

   interfaces = lo enp2s0f0u2c2

# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names

# via DNS nslookups. The default is NO.

   dns proxy = no

vfs objects = acl_xattr

max protocol = smb2

#max protocol = smb3

#server signing = mandatory

#smb encrypt = mandatory

#client signing = mandatory

#oplocks = yes

#level2 oplocks = no

log level = 1

map to guest = Bad User

#============================ Share Definitions ==============================

[media]

   comment = Media

   path = /mnt/

   valid users = costel

   public = no

   writable = yes

   printable = no

#   guest ok = yes

   inherit owner = no

#   security mask = 664

#   force security mode = 664

#   directory mask = 2755

#   force directory mode = 2755

#   directory security mask = 2755

#   force directory security mode = 2755
```

fstab entry 

Setting user_id, group_id and/or uig and gid did not help

```
# /dev/sdb1 - Date

PARTUUID=3d392045-036e-49eb-8c0c-dfb3f56e7ae9   /mnt/date       ntfs-3g users,rw,defaults                       0 0
```

Samba log contain

```
../../source3/smbd/close.c:1239(close_directory)

  close_directory: Could not delete share entry for....
```

What could be the error ?

----------

## alamahant

Permission issue?

Samba permissions work on top of linux.

did you

```

smbpasswd -a costel

chmod 777 /mnt/date

mount /mnt/date

###and maybe an

inherit permissions = yes 

###in smb.conf share definition

```

?

```

# /dev/sdb1 - Date

PARTUUID=3d392045-036e-49eb-8c0c-dfb3f56e7ae9   /mnt/date       ntfs-3g users,rw,defaults                       0 0

```

Is the above what you want to share?

Its a bit confusing from your output.......

Does Gentoo share and windows mount?

Or windows shares and Gentoo mounts?

Or both?

Which folder you wish to share?

Is it /mnt/date you wish to share?

```

[media]

   comment = Media

   path = /mnt/date

   valid users = costel

   public = no

```

----------

## costel78

I don't think it is a permission issue because logged in as costel I can create, edit and delete files. 

Yes, I did pdbedit -a costel and it set the password, also.

Samba share contain all /mnt folder, some of them are ntfs partitions (date and downloads), rescue is ext4, filme is btrfs, usb and windows are empty and not-mounted most of the time.

The error appear sporadically, mostly on ntfs directories. 

```
ls -als /mnt/

total 100

 4 drwxr-xr-x 10 root   root   4096 mai 20 11:13 .

 4 drwxr-xr-x 22 root   root   4096 mai  1 15:30 ..

 4 drwxr-xr-x  2 costel costel 4096 mai  3 13:56 backup

 4 drwxrwxrwx  1 root   root   4096 mai 21 20:25 date

 4 drwxr-xr-x  2 root   root   4096 mai 15 23:05 downloads

64 drwxr-xr-x  1 costel costel   74 mai  5 11:35 filme

 0 -rw-r--r--  1 root   root      0 apr 15 09:35 .keep

 4 drwxr-xr-x  5 root   root   4096 mai 25 19:17 linux

 4 drwxr-xr-x  2 root   root   4096 apr 30 17:45 rescue

 4 drwxr-xr-x  2 root   root   4096 apr 30 17:45 usb

 4 drwxr-xr-x  2 root   root   4096 apr 30 17:45 windows
```

With user_id=1000,group_id=1000, after mount, date and downloads appear to be owned by costel.

When mount ntfs partition  directory become owned by root automatically.

I will try with inherit permissions = yes.

Thank you for your support!

----------

## alamahant

Ah ah you wish to share the entire /mnt as an smb share?

Besides 

/mnt/date do you have other mountpoints also inside /mnt

?

----------

## Tony0945

There are probably other ways to do this, but here are examples from my LAN:

/etc/fstab

```

//trantor/video         /mnt/samba-trantor      cifs    vers=1.0,users,user=guest,password=none,rw   0 0

//trantor/Documents     /home/tony/Documents    cifs    vers=1.0,users,credentials=/etc/credentials.tony,rw   0 0
```

Anyone can can read, write, delete on /video on machine trantor. (There is only me at present) WinXP on virtualBox has no problem. Neither did real WinXP before it crashed and burned.

Only user tony can read or write to Documents.  You need to create a credentials file with the user name and password on the guest. I use multiple machines and monthly umount /home/tony/Documents on each and sync them with rsync, creating a backup on every workstation.

On the server side:

```
[video]

   create mask = 0755

   force user = nobody

   path = /video

   read only = No

[Documents]

   acl allow execute always = Yes

   comment = Central System Common Document Area

   create mask = 0755

   force group = tony

   force user = tony

   hosts allow = 192.168.0.96/27 127.

   path = /home/tony/Documents

   read only = No

   valid users = tony

```

 A bit more security for my documents than for my video files.

----------

## costel78

@alamahant

Yes, downloads is also ntfs, rescue is ext4, filme is btrfs.

inherit permissions = yes does not seem to make a difference.

@Tony0945

With force_group and force_user I can delete files now, but not folders.

Thank you both, for support!

I will try to increase log verbosity to try to pinpoint the cause.

Directly on the machine no issue. I am allowed to do anything. Also via sshfs or winscp, no issues, whatsoever.

Deletion error occur with clean, untouched smb.conf.default (renamed as smb.conf) provided by samba ebuild.

----------

## Tony0945

 *costel78 wrote:*   

> 
> 
> With force_group and force_user I can delete files now, but not folders.

 

Are the folders 0755 or what?

 *costel78 wrote:*   

> 
> 
> Sorry for my English. I'm still learning this language.

 

As are all we Americans!

----------

## costel78

Errors looks like:

```
[2021/05/25 20:32:28.790396,  0] ../../source3/smbd/close.c:1239(close_directory)

  close_directory: Could not delete share entry for filme/view/tmp

[2021/05/25 20:32:28.806383,  0] ../../source3/smbd/oplock.c:236(remove_oplock)

  remove_oplock: failed to remove share oplock for file filme/view/tmp/backup_2021_05_06.backup, fnum 4287864298, 46:11360:0

[2021/05/25 20:32:28.806414,  0] ../../source3/smbd/close.c:518(close_remove_share_mode)

  close_remove_share_mode: Could not delete share entry for file filme/view/tmp/backup_2021_05_06.backup

[2021/05/25 20:32:28.814732,  0] ../../source3/smbd/oplock.c:236(remove_oplock)

  remove_oplock: failed to remove share oplock for file filme/view/tmp/cabluri.xlsx, fnum 3507752228, 46:11361:0
```

Later:

```
 ls -als /mnt/filme/view/tmp*

total 12380

    0 drwxr-xr-x 1 costel costel      216 mai 25 20:32  .

    0 drwxr-xr-x 1 costel costel      822 mai 25 20:34  ..

 1360 -rwxr--r-- 1 costel costel  1391286 mai  6 15:41  backup_2021_05_06.backup

   12 -rwxr--r-- 1 costel costel    11034 mai 20 00:18  cabluri.xlsx

   24 -rwxr--r-- 1 costel costel    22172 mai 18 20:20  config_curat.txt

    8 -rwxr--r-- 1 costel costel     5800 mar 19 15:58  dan.txt

    4 -rwxr--r-- 1 costel costel       23 mai  6 15:38  digi.txt

  696 -rwxr--r-- 1 costel costel   712539 mai  6 15:41  export_2021_05_06.rsc

   12 -rwxr--r-- 1 costel costel     8214 mai 18 19:39  mac.txt

10264 -rwxr--r-- 1 costel costel 10507908 mai 15 13:04 'New Icons.zip'
```

Yes, folders are created with mask 755 and files with 644.

----------

## Tony0945

```
Trantor video # stat movies

  File: movies

  Size: 4096         Blocks: 8          IO Block: 4096   directory

Device: 812h/2066d   Inode: 123928577   Links: 2

Access: (0755/drwxr-xr-x)  Uid: (65534/  nobody)   Gid: (65534/  nobody)

Access: 2021-05-25 13:55:14.581030487 -0500

Modify: 2021-04-11 18:51:31.414658932 -0500

Change: 2021-04-11 18:51:31.414658932 -0500

 Birth: 2018-08-18 19:41:01.523701347 -0500

```

Only the owner can write/delete but the owner is "nobody". Who owns the directories that Windows can't delete?

```
Trantor video # ls -als movies

total 71441840

      4 drwxr-xr-x  2 nobody nobody       4096 Apr 11 18:51 .

      4 drwxr-xr-x 56 nobody nobody       4096 Mar 18 16:21 ..

```

  Only "mai" can delete your directory.

----------

## costel78

The owner is the user costel and group costel.

I believe that mai is May month and Mar is March. I am sorry for localization.

For now, will make the share public and available to a network with only two computers for security.

Thank you for your support!

----------

## costel78

According to smbstatus recently accessed files and folders (copied, edited etc) got locked by samba:

```
Pid          User(ID)   DenyMode   Access      R/W        Oplock           Share                                                                                                                                                                                                                                             Path   Name   Time

--------------------------------------------------------------------------------                                                                                                                                                                                                                                             ------------------

815          1000       DENY_ALL   0x17019f    RDWR       LEASE(RWH)       /mnt                                                                                                                                                                                                                                                filme/view/tmp/backup_2021_05_06.backup   Tue May 25 23:12:27 2021

815          1000       DENY_ALL   0x17019f    RDWR       LEASE(RWH)       /mnt                                                                                                                                                                                                                                                filme/view/tmp/digi.txt   Tue May 25 23:12:27 2021

815          1000       DENY_ALL   0x100080    RDONLY     NONE             /mnt                                                                                                                                                                                                                                                filme/view/tmp   Tue May 25 23:14:59 2021
```

I do not know how and why DenyMode is DENY_ALL. It is happening with NTLAN, SMB2_10 or SMB3_11 protocol.

Digging into documentation oplocks = no disable locks.

Adding oplocks = no to [global] section solved the issue.

As I am the only user, disabling opportunistic locking seems safe.

On the one side I am happy that the issue is gone, on the other side I am looking for an explanation why the lock persist until samba server restart and it is not released after some time.

Thank you all for your support!

----------

