[OpenIndiana-discuss] An odd permissions issue...
Michelle Knight
michelle at msknight.com
Mon Feb 7 19:41:59 UTC 2011
OK - this is going to be a difficult one to explain. Then again, I'm always
known for coming across the strange stuff.
Local box...
Ubuntu 10.10
User name "michelle" UID 1101
group name "michelle" UID 1101
Remote box...
OI 148
User name "michelle" uid 1101
group name "michelle" UID 1101
control group - "useradmin" uid 1200
Remote box publishes a share by the name of "mirror" which is then mounted on
the local client.
To allow protection, but also access, the files in the user storage on the
remote box are chown'ed to "<username>:useradmin" and chmod to 770 by a script
every night. So if a user puts a file in during the day, a "useradmin" user is
able to alter it the following day.
In this case, "michelle:useradmin" ... so that a user administrator can get at
the files, and also the owner can get at the files.
The remote drive is mounted on the Linux box as follows...
sudo mount //192.168.0.2/mirror /home/michelle/Documents/mirror -o user=michelle,password=*********,file_mode=0777,dir_mode=0777
On the local machine, all files on the remote share display as owned by
root:root and chmod 777, but remote permissions are honored.
So, as I am both mounted as myself and also I am a member of the useradmin
group, I can manipulate all files on the remote system.
However, there is a strange behaviour...
On the share, a file which is as follows...
test michelle:useradmin 770
... can be browsed to and deleted regardless of whether the owner is
"michelle:michelle" or "michelle:useradmin".
I.e. I can fully manipulate files.
If I create a directory (before the maintenance script changes the ownership)
it is created as "michelle:michelle" and I can delete it via the client with
no issue.
On a directory which is as follows...
test michelle:useradmin 770
...I get permission denied.
Summary,
A file which is either michelle:michelle or michelle:useradmin and set to 770,
can be deleted through the samba mount.
A directory which is set to michelle:michelle (770) can be deleted, but a file
set to "michelle:useradmin" gets permission denied trying to delete it.
It doesn't make sense to me.