4

I am trying to set permissions on a Samba share mounted with vers=3.0, but it does not work (with vers=2.1 or vers=2.0 also issue is present).

As per SMB3-Linux cifsacl option is needed for setting the permission bits, but if that option is used the folder does not mount:

# mount -t cifs //server.lan/aaditya /home/roaming/SERVER/aaditya -o 'username=aaditya,domain=server.lan,password=mypass,cifsacl,vers=3.0,nobrl,mfsymlinks,sfu,uid=1274545246,gid=1274544641'

mount error(95): Operation not supported Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)

Is there something that I am missing?

It works with vers=1.0 which has unix extensions but trying to avoid it as SMB 2.0+ seems to have much better performance and design (here and here).

Client details:

# mount.cifs -V
mount.cifs version: 6.4

# uname -srm
Linux 4.10.0-38-lowlatency x86_64

# lsb_release -ird
Distributor ID: Ubuntu
Description:    Ubuntu 16.04.3 LTS
Release:    16.04

Server details:

$ uname -srm
Linux 4.4.0-97-generic x86_64

$ lsb_release -ird
Distributor ID: Ubuntu
Description:    Ubuntu 16.04.3 LTS
Release:    16.04

$ samba --version
Version 4.6.7-Ubuntu
Improve this question
1
  • I dont know why mount.cifs fails with cifsacl; tried it on another system running Slackware where it worked. However, it fails to solve the main issue, ie, enabling unix permissions on a SMB 2.0 share. Anyhow I discovered why all the files were being shown as executable in the share: its due to mapping some windows file permissions as described in unix.stackexchange.com/questions/103415/…. Even if file_mode=0644 is explicitly added, the files become non executbable with no way of setting them otherwise.
    – abchk1234
    Commented Nov 11, 2017 at 19:06

1 Answer 1

Reset to default
4

Samba does not yet support UNIX extensions for SMB v2.0+. It is being worked on. [lists.samba.org, 10/2017]

They say that when UNIX extensions will be finalized, the Samba implementation is ”not going to allow clients to create ’real‘ symlinks on the server - only SMB-followable symlinks. Allowing clients to create real server symlinks as in SMB1 UNIX extensions has been a long-term security disaster.“ [same thread]

Improve this answer
1
  • 2
    Holy moly. In hours of reading samba docs, trying to figure out why file permissions were not appearing correctly on the client side, I didn't find any mention of unix extensions being restricted to SMB1. Thank you.
    – ʇsәɹoɈ
    Commented Oct 31, 2019 at 0:16

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .