Web lists-archives.com

[Samba] Fwd: NT_STATUS_ACCESS_DENIED for guest account to public share




Hi list,

I'm using samba-4.7.6-r0 and attempting to establish a public samba share
where any anonymous user can write to the share.

I have an issue where the 'guest' (uid 405) account is unable to write to a
directory owned by that uid. If the gid or world writable bits are set, I
can write to my share, but not as the guest uid. I need assistance
troubleshooting why I cannot write as the guest account to my share.

My problem:
# touch test.txt
# smbclient -U% //easystore/public -c 'put test.txt test1.txt'
NT_STATUS_ACCESS_DENIED opening remote file \test1.txt

My local filesystem:
# ls -lad /mnt/share
drwxr-xr-x 5 guest users 4096 May 25 15:18 /mnt/share

My user details:
# getent passwd guest
guest:x:405:100:guest:/dev/null:/sbin/nologin
# pdbedit -L -v
^$ EOL

My smbstatus (ran windows 10 client to hold open the share path locks):
# smbstatus

Samba version 4.7.6
PID     Username     Group        Machine
 Protocol Version  Encryption           Signing
----------------------------------------------------------------------------------------------------------------------------------------
24844   guest        users        192.168.50.131 (ipv4:192.168.X.X :54932)
SMB3_11           -                    -
24852   guest        users        192.168.50.185 (ipv4:192.168.X.X :57840)
SMB3_11           -                    -
24851   guest        users        192.168.50.185 (ipv4:192.168.X.X :57839)
SMB3_11           -                    -

Service      pid     Machine       Connected at
 Encryption   Signing
---------------------------------------------------------------------------------------------
public       24852   192.168.X.X Fri May 25 15:44:07 2018 UTC     -
    -
public       24844   192.168.X.X Fri May 25 15:43:41 2018 UTC     -
    -
IPC$         24852   192.168.X.X Fri May 25 15:44:07 2018 UTC     -
    -
IPC$         24851   192.168.X.X Fri May 25 15:44:06 2018 UTC     -
    -
public       24851   192.168.X.X Fri May 25 15:44:06 2018 UTC     -
    -

Locked files:
Pid          Uid        DenyMode   Access      R/W        Oplock
 SharePath   Name   Time
--------------------------------------------------------------------------------------------------
24851        405        DENY_NONE  0x100081    RDONLY     NONE
 /mnt/share   .   Fri May 25 15:44:06 2018
24851        405        DENY_NONE  0x100081    RDONLY     NONE
 /mnt/share   .   Fri May 25 15:44:06 2018
24851        405        DENY_NONE  0x100081    RDONLY     NONE
 /mnt/share   .   Fri May 25 15:44:07 2018
24852        405        DENY_NONE  0x100080    RDONLY     NONE
 /mnt/share   .   Fri May 25 15:44:07 2018
24851        405        DENY_NONE  0x100081    RDONLY     NONE
 /mnt/share   .   Fri May 25 15:44:08 2018
24851        405        DENY_ALL   0x100080    RDONLY     NONE
 /mnt/share   .   Fri May 25 15:44:12 2018

My smb.conf:
[global]
syslog = 7
netbios name = SHARE
workgroup = WORKGROUP
security = user
map to guest = Bad User
guest account = guest
#username map = /etc/samba/smbusers
dns proxy = no
#log level = all
log file = /var/log/samba/%m.log
browsable = yes
#read only = yes
guest ok = no
writable = no
printable = no

[printers]
comment = All Printers
path = /usr/spool/samba
browseable = yes
printable = yes

[homes]
comment = User Home Directories
browsable = yes
writable = yes

[public]
comment = Public Share
path = /mnt/share
public = yes
guest only = yes
read only = no
writable = yes
printable = no
#force user = guest
create mask = 0644
directory mask = 0755

--
Raymond Page
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba