Bug 1465388 - permission denied for subfolders after latest updates
permission denied for subfolders after latest updates
Status: CLOSED DUPLICATE of bug 1464334
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: samba (Show other bugs)
Unspecified Unspecified
unspecified Severity unspecified
: rc
: ---
Assigned To: Andreas Schneider
Depends On:
  Show dependency treegraph
Reported: 2017-06-27 07:09 EDT by Harald Reindl
Modified: 2017-06-28 06:40 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2017-06-28 06:40:24 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Harald Reindl 2017-06-27 07:09:37 EDT

after the security updates above while navigate through smb shares you get dandomly on the second or third subfolder a "permission denied" and in case of Konqueror on a Fedora machine you where asekd again for the password of the share while on MacOS the folder appears to be empty

since this affects two different machines running CentOS7 with current updates but *not* Fedora machines this smells like a backporting problem on the RHEL packages

since the permissions and POSIX ACL's on at least one of both affected machines are set recursive with a script it's impossible that there is a filesystem pmerissions problem underlying 

 server string = example.thelounge.net
 netbios name = example
 smb ports = 445

 interfaces =
 bind interfaces only = yes

 hosts allow =
 hosts deny = all
 hide files = /.AppleDesktop/.AppleDouble/.Parent/desktop.ini/$RECYCLE.BIN/
 veto files = /.AppleDesktop/.AppleDouble/.Parent/desktop.ini/$RECYCLE.BIN/
 delete veto files = yes

 access based share enum = yes
 hide unreadable = yes
 inherit permissions = yes
 inherit acls = yes
 nt acl support = no
 nt pipe support = yes
 browseable = yes
 writeable = yes
 guest ok = no
 wide links = no
 follow symlinks = no
 oplocks = no
 level2 oplocks = no
 vfs objects = catia fruit streams_xattr
 ea support = yes

 workgroup = LOUNGE
 lm announce = no
 lanman auth = no
 ntlm auth = no
 client lanman auth = no
 client ntlmv2 auth = yes
 client signing = auto
 server signing = auto
 security = user
 restrict anonymous = 2
 invalid users = nobody root admin administrator guest gast pcguest anonymous
 log file = /var/log/samba/samba.log
 log level = 1 auth:2 passdb:2 tdb:1 vfs:1 smb:1 locking:1 sam:1 winbind:1 idmap:1 quota:1 acls:0 msdfs:1 dmapi:1 registry:1 printdrivers:0 lanman:0 rpc_parse:0 rpc_srv:0 rpc_cli:0
 max log size = 4096
 os level = 0
 domain master = no
 preferred master = no
 local master = no
 disable netbios = yes
 wins support = no
 browse list = no
 dns proxy = no
 multicast dns register = no
 name resolve order = hosts bcast
 max smbd processes = 50
 use sendfile = yes
 read raw = yes
 write raw = yes
 getwd cache = yes
 stat cache = yes
 max stat cache size = 256
 ldap ssl = no
 time server = no
 unix extensions = no
 show add printer wizard = no
 load printers = no
 printable = no
 printing = bsd
 printcap name = /dev/null

 path = /srv/smb
 valid users = reindl
 force group = smb-users
Comment 2 Andreas Schneider 2017-06-28 06:40:24 EDT

*** This bug has been marked as a duplicate of bug 1464334 ***

Note You need to log in before you can comment on or make changes to this bug.