Web lists-archives.com

[Samba] User permissions of profile/home directory lost




Hi All,

I run a small domain for my home that consists just of two user accounts... one for my wife and one for me. I just have a single DC and the home and profile shares are located on the DC. For years this setup has served just fine giving me access to both linux and windows with a unified authentication and file server base.

However, on Monday around 12 noon MST my wife lost permissions to her home and profile directories on both our Windows 7 Pro and CentOS 6&7 systems. If I logged into the DC and did 'getent passwd' her account showed up correctly. A 'ls -lat' command showed that the directory/files were owned properly by my wife's account. A getfacl showed that the ACLs were exactly like my own account which functioned properly. There was absolutely no reason for her to be denied permission to her directories or the files contained therein. And the permission issue was present even on the DC.

After struggling with this problem for the past 48 hours I decided to do a 'chown -R' on her profile and home directories, even though I thought this was silly since other linux commands indicated everything was setup correctly. Much to my surprise the 'chown -R' command fixed the problem.

I am at a loss as to what could have possibly occurred to make the DC believe that my wife's account was not the owner of her home and profile directory and the files contained in those directories. It seems even stranger that on the DC, linux indicated that my wife's account owned the files but yet would not grant permission even though the ownership and ACLs were correct.

Everything is well now, albeit for how long I don't know. I would be extremely grateful for any thoughts on what might have occurred and how to avoid this issue in the future. My wife's email was lost for ~48 hours because a bounce occurred due to the inability of dovecot to write to her account's maildir. Needless to say my wife was not happy and an unhappy wife ... well I let's just say I would like to avoid that in the future.

Thank you for any insights.
--
Paul (ganci@xxxxxxxxxx)
Cell: (303)257-5208

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba