[Samba] Re: Controlling files through groups:Update

Jason Williams jwilliams at courtesymortgage.com
Thu Aug 7 16:59:50 GMT 2003


Ahh, very interesting.

So if I had one group called Officers that need only Read access to the share.
And another group called Processors that would need Read and Write access 
to the share, I would setup something like the following:

[share]
comment = a drive
path = /var/drive
read list = @officers
write list = @processors
force group = offcers

then:
cd /var/drive
chown :users *

Couple questions on this: What exactly does the force group option do? Im a 
little unclear on this.
Secondly, if I chown the entire /var/drive direcotry to officers, and set 
the permissions on the directory and files to r-x, will the processors 
group still be able to write to files in the directory as well as create 
new files in the directory?

Thanks for your help.

Jason


At 10:43 AM 8/7/2003 +0100, you wrote:
>one way would be
>
>
>[drive]
>  comment = a drive
>  path = /var/drive
>  read list = @users
>  write list = @otherusers
>  force group = users
>
>  ========================================
>then
>  cd /var/drive
>  chown :users *
>
>If all the users arn't part of users then you'll need to faff
>
>but thats the way we have it and it works well.
>
>
>
>Jason Williams wrote:
>>Ok..i've been trying to troubleshoot this issue to see if I can fix it.
>>  From what I can tell, there are certain options on this program that 
>> will require write access to the share.
>>Looking at the share, this is what it looks like:
>>[root at PDC-SRV point]# ls -ld CLOSED
>>drwxrwx---    4 root     cm           4096 Aug  6 15:58 CLOSED
>>The corresponding files in the directory also have the same permissions. 
>>I had to do this to get a certain function in the program to work 
>>correctly, since it requires write access.
>>My share info:
>>[point]
>>   comment = Point Program
>>   path = /home/point
>>   writable = yes
>>   browseable = yes
>>   public = no
>>   valid users = jwilliams @cm
>>   create mask = 770
>>   force group = cm
>>So here is what I need to figure it, to see if it is even possible.
>
>These settings mean that every one in @cm and jwilliams are allowed to 
>edit and execute the file... and no one else can see it at all.
>
>>How can I set it up so this share through samba, so that only certain 
>>users can have write access to this directory, and everyone else will 
>>just have read access?
>>Anyone have suggestions on how to get this setup and working correctly?
>>Im thinking I need to setup users in a specific group and give the share 
>>owned by that group. That group will have r/w access. Then, the rest of 
>>my users will just have read access.
>>Anyone have any suggestions? Im at my wits end here almost. :)
>>Jason
>>
>>At 03:22 PM 8/6/2003 -0700, you wrote:
>>
>>>Hello everyone.
>>>
>>>Have a question here about controlling permissions and groups for Samba.
>>>
>>>Our samba server is being used by our users to access files through a 
>>>program.
>>>In our initial testing, what I noticed is that once a user starts to 
>>>work with the file, and their are any modifications done to it, it 
>>>changes the owner to the user and the group to the group that the user 
>>>belongs to.
>>>
>>>For instance, here is an example of a test file we were using.
>>>
>>>It had the owner of 'root' and the group of 'cm'.
>>>
>>>Once the user accessed the file through the program, made some changes, 
>>>the owner and group were changed.
>>>They were now:
>>>
>>>owner = blackberry  group = loans
>>>
>>>Couple quick questions here.
>>>What im trying to do is setup a repository so my users can access the 
>>>files at any given time.
>>>However, I can that what is going on will definitely pose a problem.
>>>
>>>With that in mind, how can I make sure that any files that are accessed 
>>>or created by a user still retain the origina user and group?
>>>
>>>Any suggestions here is greatly appreciated.
>>>
>>>Jason
>>>
>>>--
>>>To unsubscribe from this list go to the following URL and read the
>>>instructions:  http://lists.samba.org/mailman/listinfo/samba
>
>
>--
>To unsubscribe from this list go to the following URL and read the
>instructions:  http://lists.samba.org/mailman/listinfo/samba




More information about the samba mailing list