[Samba] Samba Permission

Gerald glug at webmail.co.za
Tue Sep 19 14:14:32 GMT 2006 

Felipe Augusto van de Wiel wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 09/18/2006 09:15 AM, dazamaz escreveu:
>   
>> Hi guys,
>>     
>
> 	Don't forget the girls... :)
>
>
>   
>> I have been setting up a samba server to share some directorys around my
>> office network. Now I have been successful in making these shared directorys
>> so that everyone can access them, but what I really need to do is to make
>> the shares to have limited accessibility.
>>
>> What I need is to have 1 folder that is completely Private to everyone else
>> but 1 user and everytime I have tried this using the samba share gui (by
>> clicking on the option saying only allow this user) noone, not even that
>> 'allowed' user, can access it.
>>     
>
> 	You can use 'valid users' for that.
>
>
>   
>> Also I need to make a folder that people can traverse to and read the
>> contents of and can dump content into this folder but are not allowed to
>> delete any content contained in the folder.
>>     
>
> 	You can use combinations of 'force user', 'inherit owner',
> 'force mode' and even FileSystem ACLs.
>
>
>   
>> I have been able to get the permissions going so that they are read only and
>> read/write but I cannot make the permissions to the exact specifcations that
>> I need.
>>     
>
> 	Complex permissions settings needs complex configurations. :)
>
>
>   
>> 1 more thing, I thought that maybe I needed to use chmod to change the
>> permissions on the directorys to allow for this but, correct if I'm wrong
>> please, the 3 numbers don't they represent owner, group and then world?
>> So with this I decided to make the permissions according to groups but then
>> I found out that I needed to allocate the permissions on the 'world' part in
>> order for them to be effective over the network. Thus stopping me from using
>> groups to allocate permissions.
>>     
>
> 	In fact, 4 numbers, special bits, owner, group and others.
>
> 	But you should use samba resources to take care of permission.
> Probably you will need FileSystem ACLs (POSIX ACLs) to handle that.
>
>
>   
>> Any help on my situation would be greatly appreciated.
>> Sorry for the rather lengthy post but I thought if I add as much detail as I
>> could it would make it easier for someone to help me out.
>>     
I used
user = sandy, mark
force user  =  nobody


im also basically doing the same thing you doing, but im just having 
problems setting the file system and setting the shared folder so users 
"nobody" can access it

Regards
Gewrald

More information about the samba mailing list