[Samba] admin user

John H Terpstra jht at samba.org
Tue Nov 19 19:18:01 GMT 2002


On Tue, 19 Nov 2002, Judy Lin wrote:

> Mike,
>   User1 wants to have root privileges so that he can install software on
> the local Win2k machine.  That is the reason he was granted administrative
> privileges.  Here is my problem.  He uses both a Mac and a PC.  User1 on a
> PC (following samba's admin specifications) will create a file on MSword,
> and save it in his share folder(which is owned by User1) and the owner of
> that file will root (not User1).
> When he goes on the Mac to edit the file he created in his share on a PC,
> he doesn't have administrative privileges (because the Mac doesn't use
> samba's specifications).  So when he tries to edit his own file that he
> created on a PC, he will get the error that he doesn't have sufficient
> privileges because the owner of that file is set as root (not User1).  Is
> there a way to set samba so that even though User1 is specified to be an
> admin user, any files that he creates will still be owned by User1 and not
> root?

Yep! Use UNIX file system controls! ie: Set the directory owner and group
to match the ownership you want on files created in the directory. Then
set SUID/SGID the directory. All files newly created will be owned by the
owner and group of the directory.

Samba obeys UNIX file system semantics.

Also, you can set on the share "force user = " and "force group = ".
Please check the man page for smb.conf, 'man smb.conf' and scan for these
options.

- John T.

>
> Judy
>
> On Tue, 19 Nov 2002 mkraus at capitalholdings.com.au wrote:
>
> > G'day Judy,
> >
> > Samba is acting as instructed here. When you set a user as administrator
> > via smb.conf they have root priveleges, and have file access as such.
> >
> > Set up user and group permissions appropriate on the shared directory
> > (under *nix) and remove the admin line in smb.conf file to grant more
> > explecit control.
> >
> > Samba follows the user and group permissions on files and directories as
> > already set on the *nix filesystem. Does that make sense to you? (Let me
> > know if not.)
> >
> > All the best...
> >
> > Mike
> > ---
> > Michael S. E. Kraus
> > Administration
> > Capital Holdings Group (NSW) Pty Ltd
> > mkraus at capitalholdings.com.au
> > phone (02) 9955 8000 fax (02) 9955 8144
> >
> >
> >
> >
> > Judy Lin <jyclin at hydra.acs.uci.edu>
> > Sent by: samba-admin at lists.samba.org
> > 19/11/2002 12:24 PM
> >
> >
> >         To:     <samba at lists.samba.org>
> >         cc:
> >         Subject:        [Samba] admin user
> >
> >
> > Hello.
> >   I am running samba 2.2.5 on Redhat 7.3.  I wanted to give a user1
> > administrative privileges, so in smb.conf, under [global], admin users =
> > user1.  When user1 is on a PC and creates a file in MSWord and saves it in
> > his directory, the default permissions aren't preserved for user1.
> > Instead, the owner of that file becomes root.  Is there any way I can set
> > samba so that the owner of the file is preserved as user1?  (Also, the
> > group that user1 is in isn't preserved in the file permissions either).
> > Thank you in advance.
> >
> > Judy Lin
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  http://lists.samba.org/mailman/listinfo/samba
> >
> >
> >
>
>

-- 
John H Terpstra
Email: jht at samba.org




More information about the samba mailing list