On Jul 18 14:09, Corinna Vinschen wrote: > > > > On Jul 17 18:18, Eric Blake wrote: > > > > > Somewhere between setting obcaseinsensitive to 0 yesterday and > > > > > upgrading > > > > > to the new cygwin1.dll today, I'm now suffering from an inability to > > > > > modify files on a shared drive on my work machine. I can create empty > > > > > files and remove existing files just fine, but get access denied on > > > > > any > > > > > attempt to change contents. The -1 for owner and group looks fishy > > > > > as > > > > > well. > [...] > The real problem is exactly what I describe in the comment in > fhandler_base::open(). Apparently, creating the file and sending the > security descriptor to the server is a two step approach. So Samba > creates the file first, and then, afterwards, Windows sends the request > to change the security descriptor of the file. Now Samba can't map > SID->uid and returns STATUS_ACCESS_DENIED. But there seems to be no > knowledge that the two actions are actually one system call in Windows. > So Samba doesn't remove the file, but still, NtCreateFile failed. > Bummer. > > I have a local workaround which I'll apply in a minute. > > However, I never really understood why the mapping from the Windows > SID to the UNIX user fails, even though the user has been successfully > authenticated before. I have written a clueless mail to the samba > developers list. Maybe they can enlighten me.
They don't so far. However, as a side note, with "acl" on, you currently don't see user/group info in `ls -l', if your machines are not in fully Windows domain integrated. With the latest incarnation of mkpasswd and mkgroup (from CVS, not fully functional in 1.7.0-20), you can now ask your Samba machine for their passwd and group information: $ mkpasswd -L samba-machine >> /etc/passwd $ mkgroup -L samba-machine >> /etc/group At least this works for me. Unfortunately Samba doesn't enumerate the UNIX user and group information from its own /etc/passwd and /etc/group files. For instance the user "root" is S-1-22-1-0, the group "root" is S-1-22-2-0. That's what you see in the Windows Explorer Security tab as "Unix User\root" and "Unix Group\root". Apparently these are never enumerated, only returned in calls to LookupAccountSid and LookupAccountName. HTH, Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Project Co-Leader cygwin AT cygwin DOT com Red Hat
