permissions confusion on SMB share - some hidden config somewhere?

    This site uses cookies. By continuing to browse this site, you are agreeing to our Cookie Policy.

    • permissions confusion on SMB share - some hidden config somewhere?

      New

      Hi all,

      My apologies for asking something possibly a bit basic but I've been tasked with tightening up the permissions on an OMV system set up by somebody else and I'm quite confused about the permissions. I understand Unix Permissions and I understand that SMB shares are governed by an ACL system that imitates Windows permissions. I am quite confused by what I am seeing. We currently have a number of different users who (apparently, I don't have their passwords so haven't actually verified this) each have access to their own folder on the SMB share and a 'master' user who has access to all of them.

      A Network Drive on a Windows client, mapped using the credentials of a user called 'master' (groups: users, Main) has access to every shared folder.
      When I look in the omv webgui control panel, I note that:
      - there are no boxes ticked (Read/Write, Read Only, No Access) next to any of the shared folders under 'master' priviliges in the user section
      - there are no boxes ticked (Read/Write, Read Only, No Access) next to any of the shared folders in the priviliges section for group 'Main'
      - there are no boxes ticked (Read/Write, Read Only, No Access) in either the priviliges or ACL settings for any users in the shared folder settings for all folders.
      All folders are owned by root and group 'users'.

      All Shares, in the SMB section are set to 'Inherit ACLs'

      Looking at these folders through ssh with ls -l confirms that they are all root, users, 775

      I created a new user called 'test2' who is also a member of groups: users, Main but found that this user, from the client side, cannot see any of the shared folders, but it can see a new folder I created called 'testfolder' (which master user can also see)

      So there is some hidden permissions configuration going on that is governing folder access, what could it be? I want to understand it so that I can add some more shared folders and revamp the entire systems permissions in a more granular fashion, as the users have requested.