[Fwd: Re: [Samba] force create mode]

Patrick McSwiggen Pat.McSwiggen at uc.edu
Tue Jan 11 19:51:05 GMT 2005 

On Jan 11, 2005, at 4:13 AM, Patrick DUBAU wrote:
> Thanks Bart for your answer.
> I did what you say force create mode = 0770   (default creat mask = 
> 0744)
> but the files that are created are still with the rights rwx rwx r--
>
> Strange !
>
> Bart Hendrix a écrit :
>
>> Hi Patrick,
>>
>> Try to use the following in your smb.conf.
>>
>> force create mode = 0770
>>
>> Greetz Bart
>> ----- Original Message ----- From: "Patrick DUBAU"
>> <patrick.dubau at alsace.iufm.fr>
>> To: <samba at lists.samba.org>
>> Sent: Monday, January 10, 2005 5:30 PM
>> Subject: Re: [Samba] force create mode
>>
>>
>>> This is an update.
>>> I found for question 2. Just put    force group =  <group name> or
>>> set the setgid bit on the root directory of the share
>>>
>>> But i still can't solve my first problem.
>>> What do i have to do so that each file that a user creates has the
>>> following rights rwx rwx --- ?
>>> Were is the trick ? i read about force mask , creat mask ... in man
>>> smb.conf but i really don't understand....

"create mask" *removes* permissions. "force create mode" *adds* them. 
To quote from the man page for smb.conf

   This parameter [create mask] may be thought of as a  bit-wise  MASK
   for  the  UNIX  modes  of  a  file. Any bit *not* set here will be
   *removed* from the modes set on a file when it is created.

So if you don't want the o+r bit set use:

   create mask 0770

If you now want to force ug+rwx permissions for all files, *also* use:

   force create mode 0770

Another way of thinking about these is that "create mask" sets an upper 
bound on the permissions for the file and "force create mode" sets a 
lower bound, and the actual permissions are in between. (Except that 
force create mode is applied second, so if it is more permissive than 
the create mask, force create mode will override create mask.) Note 
that neither of these apply to directories. The analogous parameters 
there are "directory mask" and "force directory mode".


-- 
Patrick D. McSwiggen                            pat.mcswiggen at uc.edu
Mathematical Sciences                            513-556-4080
University of Cincinnati                         513-556-3417 FAX

More information about the samba mailing list