Samba suggestion. (.smbaccess)

David Lee T.D.Lee at durham.ac.uk
Fri Oct 6 18:22:44 GMT 2000


On Fri, 6 Oct 2000, Robert Dahlem wrote:

> On Thu, 5 Oct 2000 16:16:30 +0100 (BST), David Lee wrote:
> 
> >As of 2.0.7 there is a feature called "inherit permissions" which 
> >might help.  See the smb.conf(5) man page in 2.0.7 .
> 
> On Thu, 24 Aug 2000 18:59:22 +0200 I sent you some notes about 
> "inherit permissions":
> 
>     The problem with "inherit permissions = yes" is that it 
>     effectively prevents setting the read-only attribute (dropping the 
>     w-bit(s)) on existing files.
> 
>     All the documentation tells that it only will have effects on 
>     newly created things but it insists on chmod-ing with the parent 
>     directories attributes whenever you fiddle with attributes from 
>     the clients side.
> 
> Has something be done on this yet?

Personal disclaimer:  I'm a mere end-user, not a central Samba team
member. It so happens that a particular idea of mine (inherit permissions) 
and its initial implementation were accepted by the Samba team.  But its
future development lies with the Samba community as a whole, not with me.
(I'll be an interested onlooker, and perhaps throw in the occasional
comment, but my role is now very much peripheral.) 

UNIX users (like me) are used to setting permissions on a file, and the
utilities ensuring that such permissions are preserved.  That's the UNIX
way of doing things.  For instance, we regard editing a file as simple
tweaking a few bytes within it, but everything else remains intact.

By contrast, Windows utilities seem to recreate things from scratch.  Even
the most tiny edit appears basically to copy the old file to a new file,
tweaking en-route, then deleting the old file and renaming the new file. 
So far like a UNIX implementation: but, significantly, the Windows
applications typically seem to fail to ensure that the original attributes
are carried across to the replacement.

Thus a Windows edit-like operation has to be imagined as basically making
a new file, rather than as diddling with an old one.

The purpose of inherit permissions was to allow a given directory trees to
have a common model of {private,group,public}+{read,write} within it as it
is developed and expanded.  Any exceptions will require individual
maintenance.  It was a "95%", not a "100%" solution.  (The "95%" was a
clean concept, which was, at our site at least, also very common.  The
remaining 5% ramps very rapidly up awya from this into the expert/geek
category, and I suspect there are no shortcuts.)

Hope that helps.  Best wishes.

-- 

:  David Lee                                I.T. Service          :
:  Systems Programmer                       Computer Centre       :
:                                           University of Durham  :
:  http://www.dur.ac.uk/~dcl0tdl            South Road            :
:                                           Durham                :
:  Phone: +44 191 374 2882                  U.K.                  :





More information about the samba-technical mailing list