Red Hat Bugzilla – Bug 475959
parameter "force group" breaks public shares for guest account
Last modified: 2008-12-15 08:50:56 EST
[root@shutdown ~]# mount -t cifs -o user=nobody,guest //mir-qs/on3 /mnt/tmp/
mount error 13 = Permission denied
Refer to the mount.cifs(8) manual page (e.g.man mount.cifs)
Error message on the server is
make_connection: connection to on3 denied due to security descriptor.
Googling around led me to the belief that someone fooled around with
srvmgr.exe from a windows machine and that I should remove
/var/cache/samba/share_info.tdb and restart samba. Which doesn't work.
This is my smb.conf (well, only the most important parts):
workgroup = FOOBAR
server string = My Server
map to guest = Bad User
preferred master = No
local master = No
domain master = No
dns proxy = No
comment = Audio-Video-Imports
path = /local/mir/import/on3
force group = users
read only = No
create mask = 0664
directory mask = 0775
guest ok = Yes
This is my smbusers:
root = administrator admin
nobody = guest pcguest smbguest
Now if I take out the "force group = users" everything works as
expected. Except that I cannot write in this share - nobody isn't in the
smbclient works, mounting those shares from Windows also works.
Mounting does not work from CentOS 3, 4, 5 or OS X (command line).
Sorry, this is not a bug, but expected behaviour.
Force user and force group will work only with an authenticated connection, guest connections cannot use these directives.