Unable to get execute bit on Samba share working with Windows 7 client
In the [global]
section of your /etc/samba/smb.conf
add the following lines:
[global] usershare owner only = false unix extensions = no follow symlinks = yes wide links = yes ntlm auth = no lanman auth = no client ntlmv2 auth = yes
Also, check the way the NTFS partitions are mounted in the /etc/fstab
file. I had to add default 0 0
to the end of my NTFS mounts, that way it opened up all the permissions for the files to be accessible. I put an example of how my mounts are.
UUID=0A485DBF485DAA69 /media/500GB ntfs default 0 0 UUID=6AAA4323AA42EB61 /media/SGUSB ntfs default 0 0
Hopefully this helps.
EDIT: I totally forgot this one was still open, and I missed something. As it turns out, this is a bug, and can be remedied by the following lines:
Workaround: -- /etc/samba/local.conf [global] acl allow execute always = True --
Information can be found in the bug report here.
Related videos on Youtube
Matthew Zaleski
Updated on September 18, 2022Comments
-
Matthew Zaleski almost 2 years
I keep most of my files on an Ubuntu 14.04 box in Samba shares and access them from Windows 7 client machines. I had this all working with Ubuntu 11.10 and somehow broke this when moving to 14.04. There is an extra layer of indirection within the server via greyhole (jbod storage pooling via Samba) but it is only a plugin to Samba and does not change permissions.
Problem:
- An EXE is saved by W7-client to Samba share.
- Permissions look correct from command-line on server
- W7-client cannot execute file (I can't post image due to low reputation).
"Windows cannot access \\server\Software\Internet\WinApps\Multimedia\SetupProg.exe. You do not have permissions to access \\server\Software\Internet\WinApps\Multimedia\SetupProg.exe."
Windows sees the following permissions on the EXE:
Everyone: Read root (Unix User\root): Read & Execute, Read, Write, Special sambashare (Unix Group\sambashare): Read, Write
I use a group "sambashare" as a common group for all users accessing via Samba shares. I have sticky bits set as seen here:
drwsrwsr-x 31 root sambashare 12288 Apr 25 20:11 ../
So I consistently get owner=root, group=sambashare. No issues there.
Looking from the server side I see:
$ ls -l /mnt/lsi11/shares/Software/Internet/WinApps/Multimedia lrwxrwxrwx 1 root sambashare 69 Apr 25 16:14 SetupProg.exe -> /mnt/lsi4/gh/Software/Internet/WinApps/Multimedia/SetupProg.exe $ ls -l /mnt/lsi4/gh/Software/Internet/WinApps/Multimedia -rwxrw-r-- 1 root sambashare 11800240 Apr 25 15:23 SetupProg.exe
The group execute bit is not being set.
Looking at the smb.conf for the share I have (including items from @Terrance):
[Global] wide links = yes unix extensions = no workgroup = WORKGROUP server string = %h server (Samba, Ubuntu) wins support = yes dns proxy = no name resolve order = lmhosts host wins bcast log file = /var/log/samba/log.%m max log size = 5000 syslog = 0 panic action = /usr/share/samba/panic-action %d security = user encrypt passwords = true server role = standalone server passdb backend = tdbsam obey pam restrictions = no unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . pam password change = yes map to guest = bad user printing = bsd printcap name = /dev/null usershare allow guests = yes follow symlinks = yes ntlm auth = no lanman auth = no client ntlmv2 auth = yes usershare owner only = no [Software] comment = Software files browsable = yes path = /mnt/lsi11/shares/Software read only = no valid users = user1 user2 guest ok = no inherit owner = yes inherit permissions = yes dfree command = /usr/bin/greyhole-dfree vfs objects = greyhole
I am able to manually set the execute bit from Linux and fix existing files. Any suggestions where to go poking would be helpful.
-
Admin about 9 yearsI tried adding "create mask = 0775" to [Global] since I read that Samba defaults to 0755. It didn't change the behavior.
-
Admin about 9 yearsJust wondering if you are putting two slashes in front of the server name, like
\\server\share\somepath\somefile.exe
? -
Admin about 9 years@Terrance Good catch! However that was a formatting issue of askubuntu turning double-backslash into a single displayed backslash. I've corrected the markup.
-
Admin about 9 yearsGood, just checking. I am going to add some stuff to an answer, and hopefully they work for you.
-
Admin about 9 yearsI just noticed that only
root
has executable on the actual file in/mnt/lsi4/gh/Software/Internet/WinApps/Multimedia
. Maybe try making the setup prog itself fully executable.sudo chmod 777 /mnt/lsi4/gh/Software/Internet/WinApps/Multimedia/SetupProg.exe
-
Admin about 9 yearsI just thought of something overnight. How are the NTFS partitions being mounted in the
/etc/fstab
? That's where I had my problem. I had to mount my NTFS partitions asdefault 0 0
mounts, then I could access the executables fine.
-
Terrance about 9 years@Matthew Zaleski I noticed that there are some repeat lines, just ignore those ones. This was a copy and paste from my
smb.conf
. -
Matthew Zaleski about 9 yearsI've added the new options to my file and no change in result. I've edited my post to include ALL of my Global options as I should have in the first place. Entries that are new from you are separated by a blank line in the question.
-
Terrance about 9 years@MatthewZaleski How did you install Samba? Through the
apt-get install samba
command? The reason why I am asking, is that I set mine up through just right-clicking a folder in Nautilus, then choseSharing
option, and it prompted me to install Samba. I have not had any issues with launching Windows executables through the share. Let me dig deeper and see if I can find the answer for that. -
Matthew Zaleski about 9 yearsThis is a 14.04 LTS Server install with no GUI. I'm pretty sure that Samba was one of the options in the "text installer". I did a manual merge of the 14.04
smb.conf
with the settings that worked in my 11.10smb.conf
. I switched to 14.04 last August. I didn't notice the problem immediately but definitely was broken by November; It could have been broken from August. Earlier today I did pick up latest versions all installed packages, including kernel and Samba. Nearly all packages are installed viaapt-get
oraptitude
. -
Terrance about 9 years@MatthewZaleski OK, that makes sense then. No problems. We'll get to the bottom of this.
-
Terrance about 9 years@MatthewZaleski What I just edited on my answer is how I have all my NTFS partitions mounted. The
UUID=
came from the commandsudo blkid
. Then it is the folder that they are being mounted to. Then mount file system type. Then the mount properties. -
Matthew Zaleski about 9 yearsThese are all ext4 filesystems
UUID=438958d0-f2b8-4d25-bc7b-a3d10de15068 /mnt/lsi11 ext4 defaults 0 2
-
Terrance about 9 years@MatthewZaleski I am so sorry, I missed your comment here. I found some more information, and updated my answer for you, if you haven't already fixed this.
-
Matthew Zaleski over 8 yearsI missed the notification of your answer. Your final suggestion did indeed correct the situation. Thanks!