How to create but not delete file/dir?

Bill Moran wmoran at
Sun Oct 28 07:07:07 GMT 2001

> Content-Type: multipart/alternative;

Could you turn this off? It makes Netscapem mail barf.
I'm sure a lot of people don't even read mails formatted
like this.

Libor Vanìk wrote:
> I want to setup rights so that users can create
> files/dirs but once they close them they have read-only
> right for them. I'm using Samba 2.2.2 on XFS but AFAIK
> XFSs ACL won't help me. One friend told me that he saw
> once some "well hidden" parameter for Samba which allows
> this :-)

No "well hidden" parameter.  You just have to know how to
work the Unix permission system.
Simply this:
1. Create a special user/group that will always have rigths
   to that directory (you can just use root.wheel depending
   on how your security is organized)
2. Make sure the owner of that directory is the special user
   described in step #1.
2. Set the permissions on the directory to 6777
3. Set the create mask for that share to 644 or something like
   that (in Samba, you may need to make this directory a
   dedicated share if this doesn't jive with the create mask
   you use for other directories)

Here's how it works:
a) Everyone has write permissions to the directory, so everyone
   can save files there.
b) Since the setuid/setgid bits are set on that directory, when
   someone saves a file there, the is set to whoever
   you put in #1.
c) Because the create mask is 644, the only person who has write
   permission to the file is the owner, so the original creater
   can no longer mess with it.

Hope that help,

Bill Moran
Potential Technology

More information about the samba mailing list