[Samba] Linux Groups and Samba
Achim Ehrlich
aehrlich at taskit.de
Wed Mar 27 11:39:02 GMT 2002
Hi all,
I like to restrict the access to certain files in a samba share via Linux file permissions.
During configuration i encountered a problem, which puzzels me. I want to restrict a
subtree of a share to a certain unix group and another subtree of this subtree to
another group, which is a subset of the first. In effect this looks like this:
directory a (suid group x)
subdirectories b (suid group x) c (suid group y)
with a, b belonging to group x and c to group y, all members of x are also members
of y. The Linux-permissions are set to 2775, the suid bit for the groups is set. The
permissions for files are set to 660.
Now comes the problem:
If a user, who is member in both, group x and y wants to modify a file created by
antother user. In directory a and b this works fine, the user has readwrite access to
the file. In subtree c however the user has no permissions to access the file.
Needless to say accessing the same files from linux, everything works fine.
Here is the configuration of my share:
comment = grptest
path = /taskit/testshare
guest account = nobody
valid users = @x, @y
read only = No
create mask = 0660
directory mask = 775
force create mode = 0660
force directory mode = 02775
inherit permissions = No //changing this parameter didn't change anything
delete readonly = Yes
The map archive etc directives are all set to no. I use samba version 2.21a.
Extensive logging didn't show anything informative in regard to this problem. In Level
3 the attempt to access the file wasn't recorded at all. Any pointer for solving this
problem would be nice, Is it maybe not possible to handle it this way?
thx
achim
More information about the samba
mailing list