How to create but not delete file/dir?
Bill Moran
wmoran at iowna.com
Sun Oct 28 07:07:07 GMT 2001
> Content-Type: multipart/alternative;
Could you turn this off? It makes Netscapem mail barf.
I'm sure a lot of people don't even read mails formatted
like this.
Libor Vanìk wrote:
> I want to setup rights so that users can create
> files/dirs but once they close them they have read-only
> right for them. I'm using Samba 2.2.2 on XFS but AFAIK
> XFSs ACL won't help me. One friend told me that he saw
> once some "well hidden" parameter for Samba which allows
> this :-)
No "well hidden" parameter. You just have to know how to
work the Unix permission system.
Simply this:
1. Create a special user/group that will always have rigths
to that directory (you can just use root.wheel depending
on how your security is organized)
2. Make sure the owner of that directory is the special user
described in step #1.
2. Set the permissions on the directory to 6777
3. Set the create mask for that share to 644 or something like
that (in Samba, you may need to make this directory a
dedicated share if this doesn't jive with the create mask
you use for other directories)
Here's how it works:
a) Everyone has write permissions to the directory, so everyone
can save files there.
b) Since the setuid/setgid bits are set on that directory, when
someone saves a file there, the user.group is set to whoever
you put in #1.
c) Because the create mask is 644, the only person who has write
permission to the file is the owner, so the original creater
can no longer mess with it.
Hope that help,
--
Bill Moran
Potential Technology
http://www.potentialtech.com
More information about the samba
mailing list