[Samba] group and user permissions issue.
Ian Warburton
samba at irax.com
Wed Jun 23 10:03:32 GMT 2004
Thanks Steve
I had clearly misunderstood the scope of force user. ( actually, it was
force group ) but the principle is still the same.
Tha ctual solution was to remove the line force group = teachers the
rights then followed as expected.
Ian
> Ian,
> You appear to be incorrectly using the "force user" parameter.
>
> From the smb.conf documentation:
>
> force user (S)
> This specifies a UNIX user name that will be assigned as the default
> user for all users connecting to this service. This is useful for
> sharing files. You should also use it carefully as using it incorrectly
> can cause security problems.
>
> This user name only gets used once a connection is established. Thus
> clients still need to connect as a valid user and supply a valid
> password. Once connected, all file operations will be performed as the
> "forced user", no matter what username the client connected as. This can
> be very useful.
>
>
> This clearly explains the results you have achieved.
>
> Steve
>
>
> Privileged/Confidential Information may be contained in this message. If
> you are not the addressee indicated in this message (or responsible for
> delivery of the message to such person), you may not copy or deliver
> this message to anyone. In such case, you should destroy this message
> and kindly notify the sender by reply email. Opinions, conclusions and
> other information contained in this message that do not relate to
> official business shall be understood as neither given nor endorsed by
> ITS
>
> -----Original Message-----
> From: Ian Warburton [mailto:samba at irax.com]
> Sent: Tuesday, June 22, 2004 1:37 PM
> To: samba at lists.samba.org
> Subject: [Samba] group and user permissions issue.
>
>
> I have browsed through loads of archive material and cant seem to find
> anywhere where this exact issue has been posted.
>
> am using samba 2.28 set up as an NT domain, there are no problems with
> the general configuration. My issue is witb samba not following the
> permissons I have set on files in a shared directory.
> Purpose: set up a directory for students and teachers where students can
> leave files and only edit their own files, teachers can edit all files.
>
> unix permissions for files are like this
> -rwxrw---- 1 student1 teachers 6 Jun 22 18:22 S1.txt*
> -rwxrw---- 1 student3 teachers 17 Jun 22 18:21 S3.txt*
> -rwxrw---- 1 student3 teachers 8 Jun 22 18:21 student3.txt*
>
> therefore students can edit their own files and teachers in the group
> teachers can also edit the files.
>
>
> I create a share in samba ie:
>
> [Student_GiveWorkIn]
> user = %U
> path = /home/Give_work_in
> create mode = 750
> write list = %U
> only user = yes
> force group = teachers
>
> this works however students using this share can edit each others files.
>
> if I set the permissions to :
>
> -rwxr----- 1 student1 teachers 2 Jun 22 16:34 S1.txt*
> -rwxr----- 1 student3 teachers 8 Jun 22 17:12 S3.txt*
> -rwxr----- 1 student3 teachers 0 Jun 22 15:39 student3.txt*
>
> then students can edit their own files and no one elses, but the
> teachers
> group can't edit them either ie chmod g+w seems to mean that samba
> gives
> group access to the students as well as the teachers, when only the
> teachers should have access.
>
> I am at a loss to explain this behaviour.
>
> Ian
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: http://lists.samba.org/mailman/listinfo/samba
>
> _____________________________________________________
> This message was content-scanned by IXC Shield
> Powered by GatewayDefender - BG0b1bd641.00000001.mml
More information about the samba
mailing list