Topic: Owner changed after saving file on samba share

[beast]

Hi All

Uses Ubuntu 14.04 as my desktop and work with web development on an SME 8.1 server.

With Gedit and other text editors every time I open an existing file and save it again it changes the owner and group to my user name on the file (permissions are also changed) - why?

Very annoying as I manually have to change this after each file save. Prior I am only member of the group for the file.

This is not the case with windows where owner etc. is left intact.

I asked this question in a Ubuntu forum and they are quite sure it is a problem with the Samba setup on SME

Something about the create_mask was set like this.

[share]
    comment = Ubuntu File Server Share
    path = /srv/samba/share
    browsable = yes
    guest ok = yes
    read only = no
    create mask = 0755 <---

But do actually not know where to check this on SME.

Thank you all for any suggestions.
Benny

[CharlieBrady]

With Gedit and other text editors every time I open an existing file and save it again it changes the owner and group to my user name on the file (permissions are also changed) - why?

Presumably those editors are creating a new file (temporary file) and renaming it to replace the existing file. It's usual for linux programs to do that, as it ensures that the original file is not lost if there is an error creating the new file, e.g. because the file system is full.

Since you created the new file, you are the (new) owner of it.

[beast]

Presumably those editors are creating a new file (temporary file) and renaming it to replace the existing file. It's usual for linux programs to do that, as it ensures that the original file is not lost if there is an error creating the new file, e.g. because the file system is full.

Since you created the new file, you are the (new) owner of it.

This is a really stupid behaviour in my view. At least the program then need to restore the owner, group etc. of the file again.

If I am unable to find a good JavaScript editor with syntax highlight for Linux I will have to use Windows

[CharlieBrady]

At least the program then need to restore the owner, group etc. of the file again.

The group should just be the group owner of the ibay, and the owner shouldn't matter if group write permission is set on the ibay.

What problem are you trying to solve? Why do you want the original owner to be preserved when you edit the file? What permissions do you have on the i-bay?

[Stefano]

I would add (questions for OP):

- how do you access your ibay in ubuntu?
- can you post here the output of

Code: [Select]

db accounts show your_ibay_name
?

- do you have any kind of customization (custom fragments) that involves samba?

[beast]

The group should just be the group owner of the ibay, and the owner shouldn't matter if group write permission is set on the ibay.

What problem are you trying to solve? Why do you want the original owner to be preserved when you edit the file? What permissions do you have on the i-bay?

Because the files are accessible for external access via apache they need at least special permissions, but prefer special owner and group also. All of this change when I edit the file and save. Both owner and group is now my user, but it also change permissions so it will not work for apache anymore (owner can read and write, but group can only read as far as I remember)

[beast]

I would add (questions for OP):

- how do you access your ibay in ubuntu?
- can you post here the output of

Code: [Select]

db accounts show your_ibay_name
?

- do you have any kind of customization (custom fragments) that involves samba?

I access the files with the standard Nautilus browser in Ubuntu and just browse the network (no manual mapping and at first access I must have used my SME credentials)

pass_ibay=ibay
    CgiBin=enabled
    Gid=5050
    Group=pass_group
    Indexes=disabled
    Name=pass_ibay
    PHPBaseDir=/home/e-smith/files/ibays/pass_ibay/html:/dev/urandom:/usr/share/pear-addons
    PasswordSet=no
    PublicAccess=global
    Uid=5050
    UserAccess=wr-admin-rd-group

As far as I know everything is standard in relation to Samba

[ReetP]

This may be a bit O/T but FYI.

On Xubuntu I map shares via fstab. I had issues with certain ownerships.

In SME there is a 'shared' group that everyone belongs to.

e.g.

on SME :

cat /etc/group

shared:x:500:www,admin,public,user1,user2


So I add a group called 'shared' on the client and add the users to it:

on Client :

cat /etc/group

shared:x:500:user1,user2

Now all files are owned someuser:shared

This is a really stupid behaviour in my view. At least the program then need to restore the owner, group etc. of the file again.

Regarding your problem, it isn't 'stupid' if you understand why it happens.

A quick search for "samba edit file changes original owner" took me here - read the very last para (and the reason is as per Charlies post)

https://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/AccessControls.html

Samba is just code - it doesn't perform miracles

If I am unable to find a good JavaScript editor with syntax highlight for Linux I will have to use Windows

Good luck

Personally when I modify files directly in a web accessed directory, I always go back and manually set ownership and permissions just for good measure.

These are quite handy (as a for instance):

find . -type f -exec chmod 644 {} \;
find . -type d -exec chmod 755 {} \;
find ./ -user someuser -exec chown user:group {} \;

B. Rgds
John

[beast]

Regarding your problem, it isn't 'stupid' if you understand why it happens.

A quick search for "samba edit file changes original owner" took me here - read the very last para (and the reason is as per Charlies post)

https://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/AccessControls.html

Samba is just code - it doesn't perform miracles

Thank you for the good information and it was not OTT

But the reason for the behavior as indicated by Charlie is clear to me and I also think many Windows programs behave this way. For instance Word as seen in your link.

But I still think it is stupid that the programs do not recreate the owner, group and attributes of the file after edit. This is in my view the most logic behaviour. I admit that it is difficult for Samba to do this but the actual program that perform the edit have the possibility. It is "almost" easy to see a safe standard operating system approach for keeping the owner etc. during edit of a file. May be what Windows actually have?

If Google had made "Google Documents" with the same approach then anyone that edit an on-line Google document automatically becomes the owner and exclude everyone else to edit the same document thereafter

In my view this is a similar situation and the reason why I think it is a stupid behaviour!

Linux programs can actually do it another way around. Open the file and make a copy of it. Edit the copy. At save move the content of the edited document to the original document and save the original document. If a success with the last move operation delete the edit copy. If something goes wrong during the last copy/move operation we still have something of a backup.

[janet]

beast

ReetP gave you an answer/workaround  re what to configure on your sme server & Linux client re shared access, so try that as it seems to be the answer.

Your comments about stupid behaviour of systems perhaps suggests you want client users to have root access (not a good idea) or to somehow rewrite the Linux OS.
They would be better posted in the appropriate workstation OS forum.

[beast]

ReetP gave you an answer/workaround  re what to configure on your sme server & Linux client re shared access, so try that as it seems to be the answer.

Your comments about stupid behaviour of systems perhaps suggests you want client users to have root access (not a good idea) or to somehow rewrite the Linux OS.
They would be better posted in the appropriate workstation OS forum.

Sorry for raising this question........ Clearly not here a discussion can be taken about this subject. Only trying to understand this problem.

And I had no intention about giving root access. I work with security on a daily basis!

[janet]

beast

Discuss all you want, but your requests are not likely to be acted upon by anyone here as it is not a sme server issue. There are better or more appropriate forums where you can raise the issue.

You have an answer related to using sme server so "just do it".

[beast]

beast

Discuss all you want, but your requests are not likely to be acted upon by anyone here as it is not a sme server issue. There are better or more appropriate forums where you can raise the issue.

You have an answer related to using sme server so "just do it".

If it is a behaviour for SME and people have problems understanding it then I think it is relevant to have a discussion about it. Sorry I think it was a rude reply you made. Had been way better just to ignore my post. That I could have accepted without problems. But the tone in your reply made me feel as if mother had corrected me.

Your reply also indicate that this forum is only for raising questions that can return a single reply from an expert - no room for any sort of discussions!

This is not the way I understand this forum, but please do not reply as I think this discussion goes in the wrong direction. Just hope that you may think about your reply tone next time you reply to somebody. But it is properly just me that are way too sensitive!

[janet]

Beast

My original reply made 3 comments,
1) reminded you a technical answer had been given, as you seemed to have overlooked that, & I see this often in these forums (ie no comment was made by you about the answer or its effectiveness).
2) made a technical comment that root access type power for users was not a good idea
3) suggested you post in a more suitable forum related to the workstation OS you were using, a common recommendation made by many people in these forums

There was nothing rude or offensive in what I said.
You called for discussion so I replied !

[ReetP]

Beast,

no one is trying to have a go at you.

Quite simply you are asking for something that is not possible with Linux written the way that it currently is.

Janet was merely making the point that there is nothing WE can do about it. What you are asking for is something that would have to be addressed WAY up stream.

Calling the current situation 'stupid' is not really the way to deal with it, however you might feel about it. Ultimately the issue lies with the apps (not SMEs fault) or Linux itself (again, not SMEs fault). Those are the places you need to go to get things changed (try calling THEM stupid !). However, remember that an app can't necessarily change permissions the way you might want them done (e.g. changing from a.user to www or apache) unless it had root access (and if you understand security you will understand this much better than me)

Your fundamental problem stems from you wanting to edit/write on files with user permissions outside the scope of a normal user. This is not really an issue for most normal users (hence you don't see thousands clamouring for change). It only becomes problematic if you want to use 'system' user permissions.

Personally, I like to know who the last person was who edited/broke a file

Yes I am sure you may well be able to do it on GApps, but that it is because it is written differently (and remember you aren't trying to save a files to a system area etc etc etc - you may find it different if you did). We can only work with what we have !

So do by all means make constructive comments, write a wiki page about it, but please don't call the issue "stupid" just because you don't like it and especially when there isn't a single thing we can about it !

B. Rgds
John