[Samba] Linux Groups and Samba

[Achim Ehrlich]

Hi all,

I like to restrict the access to certain files in a samba share via Linux file permissions. 
During configuration i encountered a problem, which puzzels me. I want to restrict a 
subtree of a share to a certain unix group and another subtree of this subtree to 
another group, which is a subset of the first. In effect this looks like this:
directory		a (suid group x)
subdirectories	b (suid group x)		c (suid group y)
with a, b belonging to group x and c to group y, all members of x are also members 
of y. The Linux-permissions are set to 2775, the suid bit for the groups is set. The 
permissions for files are set to 660.
Now comes the problem:
If a user, who is member in both, group x and y wants to modify a file created by 
antother user. In directory a and b this works fine, the user has readwrite access to 
the file. In subtree c however the user has no permissions to access the file. 
Needless to say accessing the same files from linux, everything works fine.
Here is the configuration of my share:
        comment = grptest
        path = /taskit/testshare
        guest account = nobody
        valid users = @x, @y
        read only = No
        create mask = 0660
        directory mask = 775
        force create mode = 0660
        force directory mode = 02775
        inherit permissions = No  //changing this parameter didn't change anything
        delete readonly = Yes

The map archive etc directives are all set to no. I use samba version 2.21a. 
Extensive logging didn't show anything informative in regard to this problem. In Level 
3 the attempt to access the file wasn't recorded at all. Any pointer for solving this 
problem would be nice, Is it maybe not possible to handle it this way?

thx

achim