Preserve permissions on samba shared files when overwriting

I have a directory shared in my Ubuntu VM. This is my smb.conf:

...
[share]
comment = Ubuntu File Server Share
path = /home/foo/share
browsable = yes
guest ok = yes
read only = no
create mask = 0644

Almost everything works fine, i.e. when a new file is created, it is masked 0644. But also whenever I open (in Windows) and save an existing file, that file's permissions are also set to 0644. That's pretty annoying when editing scripts, which had previously been masked 0755 or 777.

Is there a way to make Samba keep existing permission masks when files are overwritten?
[edit] ... while creating new files with permissions 0644

samba

user123444555621

Posted 2012-05-23T10:50:59.800

Reputation: 513

I have the same problem and it's very annoying. Did you happen to find a solution? – Daniel Standage – 2012-09-25T19:50:33.957

@DanielStandage No, I haven't. As a workaround, I have a script that keeps fixing the executable flags :/ – user123444555621 – 2012-09-25T21:00:51.837

Answers

add:

map archive = no

to the [Share]. The default (yes) will set the execute bit on pretty much everything you save. When set to no, you can leave your create mask set to 755 or whatever.

I find this essential if you edit a lot of system files like /etc/mail/aliases, which will fail to compile with the execute bit set.

;o) Cor

Cor

Posted 2012-05-23T10:50:59.800

Reputation: 91

This works great on Windows 10 through VMWare to my Ubuntu devbox, new files gets the create mask permissions, and existing files don't get touched. I have to add force user and force group to the [share] in smb.conf since my users are not the same. – WoodyDRN – 2016-01-22T09:47:49.560

Thanks, good idea! Unfortunately it doesn't wort as intended on my machine (Win7 with Ubuntu 12.04). All bits are reset when I overwrite a file. – user123444555621 – 2013-06-10T07:48:22.373

To stop Samba from resetting a file's permissions when a file is saved through Samba, set the following parameter in smb.conf:

nt acl support = no

This stops Samba from attempting to map UNIX permissions to Windows access control list.

Ville

Posted 2012-05-23T10:50:59.800

Reputation: 1 692

I think if you set your samba guest account to be an account that would normally write files with 775 permissions you should be good to go.

[global]
guest account = [unix user]

Or you could create a samba user the same your user on Ubuntu who has 755 permissions (each samba user needs to match an UNIX user) and then access the samba share by logging in as that user.

user@ubuntu$ ~ sudo smbpasswd -a [username]

jason

Posted 2012-05-23T10:50:59.800

Reputation: 261

I don't see how that solves my problem. I was asking how to make sure that existing permissions are not modified. – user123444555621 – 2013-05-22T07:04:49.747

If your Unix/Linux user is writing files as 755, and you logon to the Samba server as your Unix/Linux user, than files you create/edit should theoretically be written with the 755 permissions. Have you tried this? – jason – 2013-05-22T18:15:56.477

@Pumbaa80 I see you are trying to hack the way Linux and Samba handles permissions. You probably will want to look into ACL's. With them you should be able to define permission masks per user. Thus, you log into samba with user A and read/write with permissions 755, and as user B read/write with 644. – jason – 2013-05-22T19:33:11.303

I don't see how that solves my problem. I was asking how to make sure that existing permissions are not modified. – user123444555621 – 2013-05-23T08:42:11.947

I use samba to share between Windows and Kubuntu, except on my system Linux is the host, not the VM. For my setup, I made the user names in both systems the same, then set valid users in smb.conf to my user name. I don't have a create mask setting, and permissions work fine.

[shared]
comment = My Shared Partition
path = /mnt/shared/
browseable = yes
available = yes
read only = no
guest ok = no
valid users = my_user_name

Tom

Posted 2012-05-23T10:50:59.800

Reputation: 1 321

But what does that mean for newly created files? – user123444555621 – 2012-05-23T13:09:51.390

Because the user profile names match, all new files get created with the user and primary group of the host account name, with the following permissions: -rwx------ – Tom – 2012-05-23T13:56:57.977