Network and Storage Protocols

Umask is not working on CIFS share

jose_miguel_almagro
7,524 Views

Hello!

I'm trying to configure a volume with CIFS and NFS access.

When a Windows user creates a file, the permissions at Linux level are 744.

I need to set permission to 777, so I change cifs share with umask 000.

But it doesn't work!!! The default umask in Linux server is 022, but if I change it to 0, it doesn't works neither....

What am I doing wrong?

7 REPLIES 7

billshaffer
7,524 Views

umask 0 (in linux) will only set the execute bit on directories.  I imagine it works the same with NetApp CIFS.  If you really need the file execute bits set, you'll need to do it manually.

Is the volume unix, ntfs, or mixed security?

You say you created the share with umask 000, and it didn't work - what happened instead?  If it turned up -rw-rw-rw, then see my first note.  Otherwise, if you change the cifs options you'll sometimes need to unmap/map the drive again - I've even seen the windows box need a reboot (windows!).

You say setting the linux umask to 0 didn't work either - again, was the result -rw-rw-rw?

Bill

aborzenkov
7,525 Views

umask on Unix does not set anything - it clears bits in file modes.

jose_miguel_almagro
7,524 Views

Hello Bill

Thanks for the response.

You're saying that I cannot create a file with an administrator user via CIFS in a volume with UNIX or MIXED security, and that this file have rwxrwxrwx permissions when I do a ls -l in a linux host on the same volume?

Like you're saying, with every configuration (cifs shares -change umask, umask at linux level, ....), I only can get rwxr-x-r-x

I cannot get write permissions to the group and to others

My customer has an old Vseries controller, and he have to launch this process manually (chmod 777), and I only want to confirm this problem, because I've been trying for days, and It isn't works

aborzenkov
7,525 Views

If you have unix security qtree - what are permissions for top-level directory itself?

You may also try to set cifs.preserve_unix_security on, this may allow CIFS clients to explicitly control Unix mode bits. See TR-3490 for details.

billshaffer
7,524 Views

Jose:

Correct - I do not believe that you can get the execute bit set on files by manipulating the umask - only on directories.

You SHOULD be able to get group write permissions - but you're saying that, with a umask at the volume set to 0, you get rwxr-x-r-x?  On a file or directory?

Bill

jose_miguel_almagro
7,524 Views

Hi Bill.

My problem is getting "others" write permission.

Actually, I have write permissions to apache, but I've been talking with the customer and I told him that he should run a chmod manually (or a script) to obtain "others" write permission.

Like you are saying, the umask of the volume is set to 0. I already tried with file_umask and directory_umask with same results.

I'll continue searching and testing.

Thanks!

billshaffer
7,525 Views

I found this, though I can't test it right now: https://kb.netapp.com/support/index?page=content&id=3011255.

Says that permissions are limited to permissions on the parent dir - so if the parent dir doesn't have o+w, you won't get it on the files.

News to me....

Bill

Public