Samba shares are only readable. Fritzbox 7390

[e-r-a-n]

Hello everyone,
I have two hdd's connected to my router ("Samsung", "Seagate")
Both of them are HFS, not journaled.
I can write to the disk when I connect directly to my router (telnet), but when I use my local computer, I get permission denied.
My configuration is as follows:
In freetz webui, Samba -> Settings:

Samba security: Share
Username/Password: aa/aa
Default Shares: Share all partitions is checked.

Samba->Options:

empty

Samba->Shares:

/var/media/ftp/Seagate/ Seagate 1 0
/var/media/ftp/Samsung/ Samsung 1 0

I also tried to peek at /var/mod/etc/samba/smb.conf:

### global
[global]
netbios name = FRITZ.BOX
workgroup = WORKGROUP
server string = %h (Samba %v)
syslog = 1
syslog only = yes
encrypt passwords = true
passdb backend = smbpasswd
obey pam restrictions = yes
socket options = TCP_NODELAY
unix charset = ISO-8859-1
preferred master = yes
os level = 20
security = share
guest account = ftpuser
username map = /mod/etc/samba/users.map
### expert
### default
[SAMSUNG]                              
 path = /var/media/ftp/SAMSUNG         
 user = ftpuser                        
 read only = no                        
[Seagate]                              
 path = /var/media/ftp/Seagate         
 user = ftpuser                        
 read only = no
### default
### shares                             
[Seagate]                              
 comment =                             
 path = /var/media/ftp/Seagate/        
 guest ok = yes                        
 read only = no                        
                                       
[Samsung]                              
 comment =                             
 path = /var/media/ftp/SAMSUNG/        
 guest ok = yes                        
 read only = no                  
                                
 user = ftpuser                 
### fin

I tried editing that file and see if it helps in some sort of way, but no change is saved after a

/etc/init.d/rc.samba restart; /etc/init.d/rc.smbd restart

What am I missing? Its *really* frustrating.

 

[RalfFriedl]

I don't think you should use two sections with the same name.

Also, you should find out which user is used for the access and make sure the this user has the right to write.
When you write that it works with telnet, what you say is that it works as user root.

 

[e-r-a-n]

ftpuser = "aa", but if I try to login with aa, it will say that user is incorrect.
if I login is guest (and it is written there that guest access is ok) I get only read permissions.
When I said that telnet works, Im not sure its because root, its because its just that the telnet is to the device (the fritzbox) That is physically attached to the harddrives

 

[RalfFriedl]

Well, I am sure that it is because with telnet you access the file system as root.
For the samba process, the hard drives are also physically attached.

 

[e-r-a-n]

So I should use my telnet user/pass for the samba access?
How do I define a user with write access for samba?
The user I tried to use from web ui settings page isnt working.

 

[RalfFriedl]

You can try to access the samba process with user root. For this to work, the password must also be in smbpasswd. Actually itt doesn't have to be the same password as the login password.

You can also try to add "force user = root" to the samba configuration. This causes all accesses to be done as root.
Obviously you must verify that the security implications are acceptable for you.

 

[e-r-a-n]

Could you give more instructions how i do it?
I tried to add

force user = root

in the options menu, I keep login in regularly and it seems that:
1. my Seagate HDD is r+w, but I cant modify old files, only newly created items are writeable
2. my Samsung HDD is read only, no matter what. Dont know why.
configuration is obviously the same.

 

[RalfFriedl]

If you can create files, what is the owner, group and mode of the new files?

How is your complete smb.conf now?
Did you remove the duplicate sections?

 

[e-r-a-n]

If you can create files, what is the owner, group and mode of the new files?

How is your complete smb.conf now?
Did you remove the duplicate sections?

The new files, with ls -l contains

-rw-r--r--    1 root     root         14469 Dec  8 22:56 myFile

the rest contains

drwxrwxrwx    1 99       99

And that is possible only with the seagate drive, on my Samsung its impossible.

the current smb.conf is:

### global                   
[global]                     
netbios name = FRITZ.BOX     
workgroup = WORKGROUP                  
server string = %h (Samba %v)          
syslog = 1                             
syslog only = yes                      
encrypt passwords = true               
passdb backend = smbpasswd             
obey pam restrictions = yes            
socket options = TCP_NODELAY           
unix charset = ISO-8859-1              
preferred master = yes                 
os level = 20                          
security = share                       
guest account = ftpuser                
username map = /mod/etc/samba/users.map
### expert                     
force user = root              
### default                    
### shares                     
[Seagate]              
 comment = 0, file umask=777           
 path = /var/media/ftp/Seagate/        
 guest ok = yes                        
 read only = no                        
 group                                 
 user = ftpuser                        
[Samsung]                              
 comment = 0, file umask=777           
 path = /var/media/ftp/SAMSUNG/
 guest ok = yes                
 read only = no                
 group                         
 user = ftpuser                
### fin

 

[RalfFriedl]

So the file is created as root, as it should be. It is strage that root can't overwrite files. Maybe some check in the client?

You can try strace to find out what happens.

 

[e-r-a-n]

Well, I thought maybe something with the groups could do a different.
How do I use strace for debugging the smb transfer?

 

[RalfFriedl]

The group statment in your smb.conf is strange, because it should read "group = ...". Maybe "group = 99", as well as "force user = 99". But it is possible the Samba doesn't like numbers for users and groups.
This leads to the question where the 99 for user and group come from, because both don't seem to be defined on your system.

First you need strace in your image. Then you must find out the process id (PID) of the Samba process serving the connection. That means that you esablish the connection, then you use the command "netstat -ntp | grep smb" to show the Samba connections. There should be only one connection (don't use other connections while debugging). If your netstat doesn't support the option 'p', try "pidof smbd". There should be two or three processes, try the highest number first.
Then attatch to the process with "strace -fs200 -p "PID". Try to create a file from the smb client. Expect lost of output from strace. Look for calls like set[res]*[ug]id.