[Samba] SUQ: Share permissions
ChrisSorisio at PeakTechnical.com
Fri Aug 2 07:07:04 GMT 2002
Thanks for the tip. That appears to have resolved my issue.
From: Åke Holmlund [mailto:holm at informatik.umu.se]
Sent: Friday, August 02, 2002 9:47 AM
To: samba at lists.samba.org
Cc: ChrisSorisio at PeakTechnical.com
Subject: RE: [Samba] SUQ: Share permissions
In Unix, a user with write permissions in a directory can create, rename
and delete ANY file or directory within the main directory. The permissions
on the idividual files/directorys doesn't matter!
What You CAN do is to set the sticky bit (chmod +t) on the main directory.
If the sticky bit is set, only the owner of a file/directory can remove
and/or rename it. This is perhaps not exactly what You want but may be
Ps. I'm a Solaris user but i beleve it's the same in other Unix/Linux
> When I create a test directory under the root share, it shows the
> drwxr-xr-x 3 PEAK\SorisioCE PEAK\Domain Users 42 Aug 1 17:31 New
> (smbcacls of New Folder)
> GROUP:PEAK\Domain Users
> ACL:PEAK\Domain Users:ALLOWED/0/READ
> ACL:PEAK\Domain Users:ALLOWED/11/R
> Still, anyone who can write to the root share can delete New Folder. I
> to set it so that anyone can /create/ folders under the root share, but
> the owner or admins can /delete/ all folders.
> Permissions of the root share, /mnt/share/backup:
> drwxrwxrwx 3 samba root 23 Aug 1 15:55 backup
> -----Original Message-----
> From: Goetz Rieger [mailto:goetz.rieger at suse.de]
> Sent: Friday, August 02, 2002 4:38 AM
> To: Sorisio,Chris
> Cc: samba at lists.samba.org
> Subject: Re: [Samba] SUQ: Share permissions
> On Thu, 1 Aug 2002 17:04:47 -0400
> "Sorisio,Chris" <ChrisSorisio at PeakTechnical.com> wrote:
> What permissions are given to the new directory? Do you work with
> filesystem ACLs?
> > Well, I want anyone to be able to write to it, but I want it to also
> > obey NT ACLs.
> > Example:
> > I have my root share, /mnt/share/test
> > Anyone should be able to create a directory under /mnt/share/test via NT
> > Explorer. However, they should also be able to lock that directory so
> > that only they can delete. I've tried to do this, and while I can block
> > someone from accessing said folder, I cannot block them from deleting
> > it.
-------------- next part --------------
HTML attachment scrubbed and removed
More information about the samba