[Samba] Archive bit oddities
Henrik Zagerholm
henke at mac.se
Fri Sep 1 22:36:13 GMT 2006
acl group control = yes maybe?
cheers
1 sep 2006 kl. 15:07 skrev Aaron Kincer:
> Hello everyone,
>
> I've been scouring the web, reading documentation and experimenting
> with settings and I am having no luck in getting the behavior of
> the archive bit to be anywhere near expected. I have the file
> foo.txt in the personal folder that has the ADS group DOMAIN USERS
> with read/write capability (660). When the user jsmith (domain
> user) modifies the file, the archive bit is not set. Similarly, CA
> Brightstor seems incapable of clearing the archive bit when doing
> backups if the backup user is not the owner.
>
> It seems to come down to this--if the user isn't the owner, the
> archive bit cannot be automagically cleared by applications. The
> user can manually set and clear, but that doesn't help. Also,
> unless I misunderstand what force user does, that isn't an option
> for security reasons.
>
> All the stuff I've seen on the lists say that dos filemode = yes
> and/or map archive = yes are what is needed. I've tried all the
> combinations of having those two set/not set and I can say with
> confidence that in this configuration, they patently do not fix the
> issue.
>
> Any ideas? Thanks in advance. Configuration below.
>
> Aaron Kincer
>
> The configuration:
>
> Server: RHEL 4 Update 2
> Platform: VMWare
> Samba Version: 3.0.10-1.4E.9
>
> smb.conf
> ----------
>
>
> #Global Settings
>
> [global]
>
> # Settings
>
> kernel oplocks = yes
> client use spnego = no
> server signing = auto
> client signing = auto
> nt acl support = yes
>
> # Share Behavior
>
> inherit permissions = yes
> store dos attributes = yes
> dos filemode = yes
> dos filetimes = yes
> dos filetime resolution = yes
> acl compatibility = auto
> map archive = yes
> map system = no
> map hidden = no
> directory security mask = 0777
>
> # Domain Settings
>
> workgroup = DOMAIN
> server string = SERVERNAME
> os level = 0
> preferred master = no
> announce as = NT Server
> announce version = 4.9
> browse list = yes
> domain master = no
> local master = no
> enhanced browsing = yes
> idmap uid = 16777216-33554431
> idmap gid = 16777216-33554431
> winbind use default domain = no
> winbind enum groups = yes
> winbind enum users = yes
> winbind separator = +
> realm = DOMAIN.LOCAL
>
> # Security
>
> hosts allow = 192.168.1. 192.168.2. 127.
> security = ads
> password server = *
> encrypt passwords = yes
>
> # Logging
>
> log file = /var/log/samba/%m.log
> log level = 3
> max log size = 50
>
> # Network Settings
>
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> remote announce = 192.168.2.255
> disable netbios = no
> netbios name = LEXSFS01
>
> # Network Shares
>
> [common]
> comment = common drive
> path = /share/common
> guest ok = yes
> read only = no
> write list = +"DOMAIN+Domain Users"
> read list = +"DOMAIN+Domain Users"
> create mask = 0774
> directory mask = 0775
>
> [personal]
> comment = personal drive
> path = /share/personal
> guest ok = no
> read only = no
> write list = +"DOMAIN+Domain Users"
> read list = +"DOMAIN+Domain Users"
> create mask = 0770
> directory mask = 0770
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list