[Samba] write list for share is ignored
Jon Trauntvein
jon at campbellsci.com
Fri Jan 22 11:35:19 MST 2010
Andrew Masterson wrote:
> -----Original Message-----
> From: samba-bounces at lists.samba.org
> [mailto:samba-bounces at lists.samba.org] On Behalf Of Jon Trauntvein
> Sent: Friday, January 22, 2010 10:00 AM
> To: samba at lists.samba.org
> Subject: [Samba] write list for share is ignored
>
> I recently updated a Samba server from Fedora Core 4 to CentOs 4.5. The
> old server had samba version 3.0.11 installed while the newer has samba
> version 3.0.33 installed. The following file is a simplified version of
> my smb.conf file:
>
> [global]
> debug level = 5
> security = domain
> workgroup = CSI-INTRANET
> auth methods = guest, sam, winbind
> server string = Software Engineering Workgroup Server
> load printers = yes
> guest account = nobody
> log file = /var/log/samba/log.%m
> max log size = 1024
> encrypt passwords = yes
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> dns proxy = no
> map to guest = bad user
>
> winbind separator = \\
> idmap uid = 10000-20000
> idmap gid = 10000-20000
> winbind enum users = yes
> winbind enum groups = yes
>
>
> [cora]
> available = yes
> browseable = yes
> path = /home/group/cora
> public = yes
> guest ok = yes
> read only = yes
> write list = @cora
> force create mode = 0775
>
> ---------------------------
>
> Why do you have this set?
>
> read only = yes
>
> http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html
>
> "If this parameter is yes, then users of a service may not create or
> modify files in the service's directory."
>
>
The share needs to be read-only for all but authorised users. My
understanding of the "write list" setting is that it accomplishes
exactly that:
"This is a list of users that are given read-write access to a service.
If the connecting user is in this list then they will be given write
access, no matter what the read only
<http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html#READONLY>
option is set to. The list can include group names using the @group
syntax. "
I have, by the way, attempted to remove and/or change the value of the
read only setting and this has had no effect.
__________ Information from ESET NOD32 Antivirus, version of virus signature database 4797 (20100122) __________
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
More information about the samba
mailing list