Approach to permissions, UNIX usernames, and UNIX groups ..

Jason A. Diegmueller jason at
Fri Dec 3 22:36:52 GMT 1999

Samba users--

I have a question I wanted to throw out to the general public.  When
dealing with reasonably large numbers of users (120+, in this case),
how do most of you handle your UNIX permissions, usernames, and groups
in corralation to your SAMBA?

Basically, I have a number of Windows 95/98 clients that authenticate
against a Novell server, as well as Apple clients.  Recently, I got
a nice, new Linux box (with a sizeable RAID array) running SAMBA.
is currently serving up files; I want to move the responsibility of file
serving to my Linux machine.

With Novell, it's simple to take a subdirectory and assign it
Bob, Al, and Tom can read and write to this directory.  No one else can 
access it.  With Linux, it seems a bit trickier.  This is where I'm
for input.

I need to create a directory structure reasonably deep (3-5 directories
off of the main RAID mount point, with 5-10 directories under that, with
another 3-10 directories under those).

The best approach I have come up with so far is to create a group
specifically for each subdirectory, and put .. say .. Bob, Al, and Tom
it.  Then I make sure the directory is owned by, and could
the "force create mode" and "force group" directives in my smb.conf to
the files as rwxrwx--- and assigned to the group with respect to the
subdirectory it is in.  The only problem is, this means I have to manage
100+ groups with 100+ SAMBA shares, and it seems there has to be a
better way,
and I'm just not seeing it.

Is there a way to tell SAMBA to assign files being written to the group 
of the subdirectory the file is being written to?  Is there a better way
altgother to approach this (I hope there is =).

Any insight or webpage references on approaches to medium-to-large-scale
fileserving with SAMBA on a network are appreciated.  Thanks.

More information about the samba mailing list