Friday, December 4, 2020

Correcting umask/file permissions for Unix CIFS mount points.

Today I had a very interesting issue, where a file created from a Proxmox container had incorrect permissions on the host server.

The typical umask on Linux is 0002, but for the Proxmox root user it's 0022. This means files created by this user will have their group permissions restricted to read-only.

We could fix this by setting the umask for the Proxmox root user, but that could have severe and unintended consequences (messing with root user perms never ends well). Instead, we look to smb.conf.

Samba Config

I'm running Ubuntu to share the CIFS, and using "net usershare" to share the mount. We can set a global config, so that any files written to the mount will have the same default permissions that files created from the host have.

I simply uncommented and tweaked these lines in /etc/samba/smb.conf:

# File creation mask is set to 0700 for security reasons. If you want to
# create files with group=rw permissions, set next parameter to 0775.
   create mask = 0664

# Directory creation mask is set to 0700 for security reasons. If you want to
# create dirs. with group=rw permissions, set next parameter to 0775.
   directory mask = 0775

And finally, don't forget to reload.

sudo systemctl reload smbd

Now new files have the correct permissions (664) instead of being writable only by the owner (744).

-rwxr--r--  1 nobody nogroup          0 Dec  3 20:24  test4.txt*
-rw-rw-r--  1 nobody nogroup          0 Dec  3 21:07  test5.txt
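
In the listing above, test4.txt keeps its old mode because the masks only apply to files created after the reload. As an added example (not part of the original post), this script lists entries under a share directory whose mode differs from the values set in smb.conf above and can reset them; the function names and the directory argument are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post.
# Expected modes mirror the smb.conf values set above.
FILE_MODE=664   # create mask
DIR_MODE=775    # directory mask

# audit_share DIR: long-list every entry whose mode is not the expected one.
audit_share() {
    find "$1" -type f ! -perm "$FILE_MODE" -exec ls -ld {} +
    find "$1" -type d ! -perm "$DIR_MODE" -exec ls -ld {} +
}

# count_mismatches DIR: number of non-conforming entries (0 means clean).
count_mismatches() {
    {
        find "$1" -type f ! -perm "$FILE_MODE" -print
        find "$1" -type d ! -perm "$DIR_MODE" -print
    } | wc -l | tr -d ' '
}

# normalize_share DIR: reset the mode of the non-conforming entries only.
normalize_share() {
    find "$1" -type f ! -perm "$FILE_MODE" -exec chmod "$FILE_MODE" {} +
    find "$1" -type d ! -perm "$DIR_MODE" -exec chmod "$DIR_MODE" {} +
}

# When run with a directory argument, report only; changing modes is a
# separate, explicit call to normalize_share.
if [ "$#" -gt 0 ]; then
    audit_share "$1"
    echo "non-conforming entries: $(count_mismatches "$1")"
fi
```

Review the audit output before calling normalize_share, since it also resets files that were made read-only or executable on purpose.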