Read-only and shares

Bill Grzanich organix4 at mindspring.com
Thu Oct 12 15:51:52 GMT 2000 

Hi, All.

I'm running Samba 2.0.7 under VA Linux (RedHat 6.2). As is common, I have a
number of shares created that should be available only to certain groups.
For example:

[cmplianc]
        comment = Compliance share
        path=/home/groups/cmplianc
        valid users = @cmplianc, @it
        public = No
        writable = Yes
        printable = No

And this is fine. Then they wish to have certain files within that share to
have the DOS/Windows read-only attribute set, so I add the lines:
        map hidden = Yes
        map system = Yes
        map archive = Yes
to the [Global] section.

But that doesn't seem to be enough. If the Linux owner of the document
wishes to update the attributes, it works, but if anyone else in the group
(and the group is set appropriately on the file) needs to modify the
document, they cannot. So, I add this to the share:

        force user = cmplianc

and create a "user" called "cmplianc".  Now it works, but at the expense of
the actual user name as Linux owner of the file.  Everyone in the group
becomes user "cmplianc" for that share.  I can live with that, but is there
a way to preserve the Linux user name as owner and still provide the groups
sharing of files AND allow the DOS/Windows attributes to be honored?

Also, I've been asked to provide similar functionality to the Public share;
that is, allow users to set the read-only attributes on some of the files in
the Public share.  I've tried a similar approach: create a dummy Linux user
called "public" and added "force user = public" to the [public] share, but
it doesn't seem to work here. The permissions on the directory are:
drwxrwxr-x   20 public   users        4096 Oct 12 10:39 /home/public

What am I missing?  Thanks in advance.  A more complete view of smb.conf is
below.

-Bill

[global]
        workgroup = ORGANICS
        netbios name = LINUX02
        server string = Samba Server
        security = DOMAIN
        domain logons = No
        encrypt passwords = Yes
        password server = *
        log file = /var/log/samba/log.%m
        max log size = 50
        username map = /etc/smbusermap.conf
        domain master = No
        local master = No
        preferred master = No
        os level = 0
        announce as = NT Workstation
        announce version = 4.0
        socket options = TCP_NODELAY, SO_KEEPALIVE
        keepalive = 0
        message command=/usr/bin/linpopup "%f" "%m" %s; rm %s
        guest account = smbuser
        create mask = 0777
        directory mask = 0777
        hosts allow = localhost, 10.111.1.0/255.255.255.0
        print command = lpr -r -P%p %s
        printer driver file = /home/samba/printer/printers.def
        map hidden = Yes
        map system = Yes
        map archive = Yes
[public]
        comment = Public
        path = /home/public
        writeable = Yes
        guest ok = Yes
        force user = public
[cmplianc]
        comment = Compliance share
        path=/home/groups/cmplianc
        valid users = @cmplianc, @it
        public = No
        writable = Yes
        printable = No
        force user = cmplianc

More information about the samba mailing list