Access Denied From Windows Changing Security Setting When I Use A Folder Connected To A Fake Drive Made With Dd

Home » CentOS » Access Denied From Windows Changing Security Setting When I Use A Folder Connected To A Fake Drive Made With Dd
CentOS 7 Comments

i make a image file connected to /dev/loop0 formated as ext4 partition and connect it losetup /dev/loop0 /root/disk.img

then make format the loop drive with mkfs.ext4 -o rw,usrquota,grpquota /dev/loop0 /disk connected it to /test

the only way to write there other users except root is setting with chmod o+w /test

from windows 7 using samba 4 i can write to folder but i cannot set security setting getting always access denied when i am setting security settings on the share

what is wrong

thank you

sarantopoulos nikos

7 thoughts on - Access Denied From Windows Changing Security Setting When I Use A Folder Connected To A Fake Drive Made With Dd

  • Yes, that is expected.

    You haven’t told us anything about your Samba configuration, so it’s impossible to say.

    I’ll make a wild guess though. You’re using “security = user” and possibly mapping users to a guest account. IIRC, you can only change items in the Windows security tab if you’re using “security = domain” or
    “security = ads”

  • i will tell you about my setup

    my setup is done with the command samba-tool domain provision –use-rfc2307
    –interactive on the version 4.3.9 that i am thinking for me that version is enough stable the last version doesn’t have any more the “Authenticated Users”

    it is active directory my server setup i am suspicious that is something wrong when i am connecting to a loop device that is made this way dd if=/dev/zero of=imgfile bs=1M count` for example then losetup /dev/loop0 imgfile and formating it as ext4 filesystem

    but only root have there write access am i doing something wrong?

    this path is connected to a smb.conf with the following way:

    [test]
    path = /path (where is mounted the loop device)
    read only = no

    thank you

    nikos sarantopoulos

  • Is it a standalone AD server or a member of a domain?

    If it is standalone, how did you join the Windows workstation to the domain? How did you create new users? Are you using those new users on the Windows workstation?

    If it is a domain member, how did you join the AD domain?

    No, that’s normal. An ext4 filesystem supports permissions, and you must manually set them to allow users to write to the new filesystem.

    You may have to deal with SELinux labels at some point, but at this point, I suspect your problems are more fundamental.

  • it is a standalone server but what permissions i should set to this image connected to a loop device the selinux is disabled

  • i join windows workstations from the computer with the properties and switching it to a domain giving after the credentials of the Administrator and the password of the Administrator to join the active directory domain

  • Again, how did you create users in the Samba AD domain? Are you logging in to Windows using those AD user accounts?

  • Ignore the fact that the filesystem is on a loopback device. You will set permissions exactly the same way you would for any other directory.
    Generally: create a group of users in Samba AD, add the appropriate Samba AD users to the group, allow the group read/write access to the directory, and set the SGID bit so that group ownership is inherited from the parent directory.