samba icon indicating copy to clipboard operation
samba copied to clipboard

Published 20 hours ago verified publisher icon dperson

Samba resetting ownership for all shared files

Open ninze opened this issue 4 years ago • 8 comments

When I share a volume using dperson/samba in rw mode, all existing files within that volume are chowned to user 100 and group 101. This messes up a lot of things.

I understand that users / groups are different on each image and that samba user should be the owner of new files, but I don't understand why samba needs to hijack ownerships of all the existing files in the volume. Is there any way to prevent this?

ninze avatar Jan 01 '21 14:01 ninze

I run into the same problems! What would be a good way to solve this? Mounting /etc/{group,passwd,shadow} to the container?

immortaly007 avatar Feb 28 '21 15:02 immortaly007

I run into the same problems! What would be a good way to solve this? Mounting /etc/{group,passwd,shadow} to the container?

Looking at the code I came to a conclusion that recursive chown of all files under the mount point is done on purpose of "fixing permissions". I ended up using a different image.

ninze avatar Mar 02 '21 12:03 ninze

I run into the same problems! What would be a good way to solve this? Mounting /etc/{group,passwd,shadow} to the container?

Looking at the code I came to a conclusion that recursive chown of all files under the mount point is done on purpose of "fixing permissions". I ended up using a different image.

...which one?

rpodgorny avatar Mar 02 '21 12:03 rpodgorny

I used alpine:latest and installed samba from package manager. Below is the dockerfile if you need inspiration. Replace "myuser", "mygroup" and "mypasswd" with something that makes more sense in your case.

FROM alpine:latest

RUN apk --no-cache --no-progress add bash samba tini

# Add group mygroup and user myuser
RUN addgroup -g 500 -S mygroup \
	&& adduser -S -D -H -h /tmp -s /sbin/nologin -G mygroup -u 500 myuser

# Set samba password for user myuser
RUN (echo "mypasswd"; echo "mypasswd") | smbpasswd -a -s myuser

# Declare ports we want to to listen to
EXPOSE 137/udp 138/udp 139 445

HEALTHCHECK --interval=60s --timeout=15s \
	CMD smbclient -L \\localhost -U % -m SMB3

ENTRYPOINT ["tini", "--"]

CMD ["smbd", "-FS", "--no-process-group"]

ninze avatar Mar 04 '21 12:03 ninze

Is it an option for you to run the container without the -p option (which is the one that resets the permissions)?

davidburstrom avatar Jun 12 '22 12:06 davidburstrom

How to recover the file's ownership? my colleague wants to KILL me !!!

bingo787 avatar Sep 23 '22 02:09 bingo787

I run into the same problem and it confuses me for a very long time. Originally I thought it was some bad things going on with my docker.

I have to manually fix all permissions and some containers go down randomly all because of losing executable permissions.

I finally found that the problem is I mistakenly added -p options to the start up command of container in docker-compose.yml

As far as I know, the easiest way of recovering files ownership is to use git reset --hard, or we can only manually recovering it.

cybertale avatar May 07 '23 02:05 cybertale