File/Dir permissions under a share
Mike Brodbelt
m.brodbelt at acu.ac.uk
Fri May 26 14:35:21 GMT 2000
Dan Hill wrote:
>
> I am trying to duplicate the setup on my netware box on my samba box.
> Everyone wants to keep a single drive letter and go to the various dir's
> from there. So, what I did was create a share called "sys" and created
> various dir's underneath it, e.g. hr, eng, etc....
>
> I setup the hr dir and files therein with 770 (i tried 777 also) and
> root:hr permissions. If an hr group member goes into the hr dir and
> tries to modify or create a file, the access is denied. I am assuming
> that samba uses unix group membership to determin if a user can access a
> given dir. Does anyone know what I could be doing wrong? I would
> attach files for more info, but rather than showing wasteful text,
> I decided to wait for comments.
>
> I know that creating these dir's under one share is probably not the
> best thing, but my "users" namely uppers insist on one drive, e.g. G:\,
> where they can go for all of the dir's available to them
I don't see a problem with this kind of setup in general - I use a
"common" share, and have several subdirectories with different
permissions. I set it up like this:-
[common]
comment = General file share
path = /usr/local/filestore/common
valid users = @everyone
admin users = @smbadmin
writeable = Yes
create mask = 0755
force create mode = 020
directory mask = 02775
force directory mode = 02070
map system = Yes
map hidden = Yes
Then, under the share root, I have several directories
$ ls -l /usr/local/filestore/common/
total 11
drwxrwsr-x 11 root adverts 1024 May 17 09:25 Adverts/
drwxr-sr-x 12 root schols 1024 May 8 14:41 Awards/
drwxrwsr-x 24 root chems 1024 May 23 12:41 Chems/
drwxrwsr-x 18 root finance 1024 May 25 09:55 Finance/
drwxrwsr-x 19 root everyone 1024 May 26 11:36 General/
drwxrwsr-x 6 root library 1024 Feb 28 09:58 Library/
drwxrwsr-x 7 root memmark 1024 Jan 14 11:17 M+M/
drwxrwsr-x 10 root schols 1024 May 18 10:13 Marshall/
drwxrwsr-x 11 root support 1024 May 26 14:38 Support/
drwxr-sr-x 3 root everyone 1024 May 25 15:43 Templates/
drwxrwsr-x 16 root yearbook 1024 May 11 08:40 Yearbook/
The combination of the directory mode settings in Samba, and the SGID
bit on the directories makes the group ownership work nicely for me. If
you don't have the SGID bit set, this could result in users creating
files with a group ownership you don't want. You can use Samba share
setting to achieve this instead if you like.
HTH
Mike.
More information about the samba
mailing list