CIFS access problems

Hi,

I am using OMV5 with a software RAID 1 and CIFS for sharing files with Windows machines. Works fine so far, but we have problems with about 5 files (out of about 1000). Those files are in a subfolder were the user has R/W privileges. But quite often it happens, that the user needs 3 or more attemps to open the file in Write-Mode.

So I took a look at the syslog, filtering for messages referring to the file:

Jun 11 07:59:23 server1 smbd[16440]:   unix_mode(###PATH_TO_FILE###/###FILE###.wdb) inheriting from ###PATH_TO_FILE###
Jun 11 07:59:23 server1 smbd[16440]:   unix_mode(###PATH_TO_FILE###/###FILE###.wdb) inherit mode 42770
Jun 11 07:59:23 server1 smbd[16440]:   ###USER### opened file ###PATH_TO_FILE###/###FILE###.wdb read=Yes write=No (numopen=6)
Jun 11 07:59:23 server1 smbd[16440]:   ###USER### closed file ###PATH_TO_FILE###/###FILE###.wdb (numopen=5) NT_STATUS_OK
Jun 11 07:59:23 server1 smbd[16440]:   ###USER### closed file ###PATH_TO_FILE###/###FILE###.wdb (numopen=4) NT_STATUS_OK
Jun 11 07:59:31 server1 smbd[16440]:   unix_mode(###PATH_TO_FILE###/###FILE###.wdb) inheriting from ###PATH_TO_FILE###
Jun 11 07:59:31 server1 smbd[16440]:   unix_mode(###PATH_TO_FILE###/###FILE###.wdb) inherit mode 42770
Jun 11 07:59:31 server1 smbd[16440]:   ###USER### opened file ###PATH_TO_FILE###/###FILE###.wdb read=Yes write=No (numopen=6)
Jun 11 07:59:31 server1 smbd[16440]:   unix_mode(###PATH_TO_FILE###/###FILE###.wdb) inheriting from ###PATH_TO_FILE###
Jun 11 07:59:31 server1 smbd[16440]:   unix_mode(###PATH_TO_FILE###/###FILE###.wdb) inherit mode 42770
Jun 11 07:59:31 server1 smbd[16440]:   ###USER### opened file ###PATH_TO_FILE###/###FILE###.wdb read=Yes write=Yes (numopen=7)
Jun 11 07:59:31 server1 smbd[16440]:   ###USER### closed file ###PATH_TO_FILE###/###FILE###.wdb (numopen=6) NT_STATUS_OK
Jun 11 07:59:31 server1 smbd[16440]:   unix_mode(###PATH_TO_FILE###/###FILE###.wdb) inheriting from ###PATH_TO_FILE###
Jun 11 07:59:31 server1 smbd[16440]:   unix_mode(###PATH_TO_FILE###/###FILE###.wdb) inherit mode 42770

Sorry for the "###PATH_TO_FILE###"-like consorship, but it is nessesary.

You can see, the third attemt to open the file is successfull ("read=Yes write=Yes"). This happens only to a handful of files, while nobody else is even in the office. The user does definetly have permissions to R/W the folder and files, some of the files were even createt by him. We do not use ACL.

The only difference I saw in the pile permissions are while using "ls -hl" in shell, were some files are "-rw-rw-r--+" and some "-rw-rw----+" - but as far as I understand this should not matter, because all users are in the group "users" wich has R/W permission.

At the moment I struggle a bit to understand why this happens. May you help me?

Yes, this option is enabled.

Zitat von geaves

I would start by disabling this, if you don't have many users it may not be necessary

Okay. I will try. How many is "many"? We have around 10 users in 3 groups.

Okay thank you, I will try it this evening and report as soon as possible.

Wouldn't this make other users unable to edit files created a user ? The documentation says:

Zitat

Why I can’t edit files that other users have created?
The default umask in Samba is 644 for files. To enable flexible sharing check Enable permission inheritance in the Samba share settings, this will force 664 creation mode. Files created previously need to change their permission mode. Check also that you don’t have read only enabled. This option overrides privileges and POSIX.

https://openmediavault.readthe…ices/samba.html#questions

I might have had activated them in earlyer times, but now they are definetely off.

I disabled "Inherit permissions" on all our shares, and so far it seems to work. I will test it for a week or so and then report back.

Tanks!

Okay,

we testet now for one week. As it happens, disabling "inherit permissions" did not work. Some days the user had no problems at all, but there were 2 days, when he needed 4 to 6 attampts to open the file again.

My next idea is to set the user permissions on unix level again. ananas told that there are some ACLs still somehow inside (I have disabled the option for the usage of ACLs)... maybe I should set all files to 0660 via chmod?

Pascal

Okay, so I resettet the ACL last week via "setfacl -b [FILENAME]" and the "+" was gone.

Today i rechecked, and the ACL "+" is back again.

"getfacl [FILENAME]" shows:

# file: [FILENAME]
# owner: [myuser]
# group: users
user::rw-
group::rwx
group:[mygroup]:rwx
mask::rwx
other::r--

I do not understand the system of ACLs completely, but this should give [myuser] as well as [mygroup] access to the file (r/w). Strange is, that I deactivated ACLs and those ACLs keep comming back.

By the way: The user still needs sometimes 2 to 6 attempts to acces the file. But only THIS certain user. I think at the moment about adding a new account for the user... (I work with group-privileges, users are only for logging).

Best regards

pascal