[Samba] AW: "attrib +R myowndir" fails to write-protect my own dir

Dragan Krnic dkrnic at t-online.de
Sun Dec 1 22:19:01 GMT 2002

The suggested program modification only has the effect described
when a couple of other conditions in the profile directory are
met: no ACLs should be used, the directories and subdirs must have
permissions "0775" and the relevant parts of "smb.conf" should read
something like this:

	logon home = \\%L\%U
      logon path = \\%L\%U\profile
	path = /home
	valid users = %S
      read only = No
      inherit permissions = No
	security mask = 775
      directory security mask = 775
      browseable = No

Without security masks it wouldn't work. Woodoo, anyone?


-----Ursprüngliche Nachricht-----
Von: Dragan Krnic [mailto:dkrnic at lycos.com] 
Gesendet: Sonntag, 1. Dezember 2002 20:23
An: samba at lists.samba.org
Cc: jra at dp.samba.org; dkrnic at t-online.de
Betreff: Re: "attrib +R myowndir" fails to write-protect my own dir

Hi Jeremy,

after commenting out part of the line following the infamous quote "We
never make directories read only for the owner..." in
"samba/source/smbd/dosmode.c" as follows:

   - result |= (S_IFDIR | S_IWUSR);
   + result |= (S_IFDIR /* | S_IWUSR /* 2002/12/01*/ );

I can make my own directories read-only. The advantage is that with this
modification "special" folder links get stored on 
samba server with correct attributes and can be recovered
with them at every new login, thus preserving the "magic" of
so many tricky treats in the profile.

The disadvantage is that if I wants to create another file or delete an
existing one from such read-only directory, I need to first restore
writeability (remove read-only).

The advantage far offsets the disadvantage.

Thanks a lot for the tip.


Get 25MB, POP3, Spam Filtering with LYCOS MAIL PLUS for $19.95/year.

More information about the samba mailing list