[Samba] Samba server for multiple users and projects

William R. Knox wknox at mitre.org
Fri Feb 8 08:19:56 GMT 2002 

Do a chmod g+s on all the directories that house project shares. This
forces any files created under the directory to be owned by the same group
as the directory. You may also want to look at either the "force
directory mode" or the "inherit permissions" parameters in your smb.conf.

Let me know if this does the trick for you. Good luck!

			Bill Knox
			Senior Operating Systems Programmer/Analyst
			The MITRE Corporation

On Fri, 8 Feb 2002, Steve Prior wrote:

> Date: Fri, 08 Feb 2002 00:22:51 -0500
> From: Steve Prior <sprior at geekster.com>
> To: samba at lists.samba.org
> Subject: [Samba] Samba server for multiple users and projects
>
> I'm looking to set up a samba server which will host directories
> for multiple projects.  Each user in the system will have a list
> of projects which he/she can access.  The trick is that I want
> each users to be able to see the directories for only those
> projects he/she has access to.  Not being able to see into the
> directories of unauthorized projects isn't enough, they shouldn't
> even see the top level directory for the project.
>
> My closest attempt at this was to create a linux user group for each
> project and have each project group list the members who could
> access it.  Then for each user, I create a symlink in that users
> home directory for each project he has access to.  So far we're good,
> each users only sees the right projects.  Where I ran into trouble
> was when a user tried to create a new file - that file was owned
> by that user as expected, but the group was the primary group of that
> user (which makes sense), but I need it to be the project group so
> the other project members can read/write the file.
>
> I could create a samba share for each project and force the group
> used for file creates, but that would violate my requirement that
> each user only see the projects (in this case which would be shares)
> that they are entitled to see.
>
> This system is meant to replace an old netware server which did exactly
> what was desired - the user could only see what they actually had access
> to.
>
> Anyone have any ideas?
>
> Steve Prior
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
>

More information about the samba mailing list