[Samba] Re: Controlling files through groups:Update
Jason Williams
jwilliams at courtesymortgage.com
Thu Aug 7 16:59:50 GMT 2003
Ahh, very interesting.
So if I had one group called Officers that need only Read access to the share.
And another group called Processors that would need Read and Write access
to the share, I would setup something like the following:
[share]
comment = a drive
path = /var/drive
read list = @officers
write list = @processors
force group = offcers
then:
cd /var/drive
chown :users *
Couple questions on this: What exactly does the force group option do? Im a
little unclear on this.
Secondly, if I chown the entire /var/drive direcotry to officers, and set
the permissions on the directory and files to r-x, will the processors
group still be able to write to files in the directory as well as create
new files in the directory?
Thanks for your help.
Jason
At 10:43 AM 8/7/2003 +0100, you wrote:
>one way would be
>
>
>[drive]
> comment = a drive
> path = /var/drive
> read list = @users
> write list = @otherusers
> force group = users
>
> ========================================
>then
> cd /var/drive
> chown :users *
>
>If all the users arn't part of users then you'll need to faff
>
>but thats the way we have it and it works well.
>
>
>
>Jason Williams wrote:
>>Ok..i've been trying to troubleshoot this issue to see if I can fix it.
>> From what I can tell, there are certain options on this program that
>> will require write access to the share.
>>Looking at the share, this is what it looks like:
>>[root at PDC-SRV point]# ls -ld CLOSED
>>drwxrwx--- 4 root cm 4096 Aug 6 15:58 CLOSED
>>The corresponding files in the directory also have the same permissions.
>>I had to do this to get a certain function in the program to work
>>correctly, since it requires write access.
>>My share info:
>>[point]
>> comment = Point Program
>> path = /home/point
>> writable = yes
>> browseable = yes
>> public = no
>> valid users = jwilliams @cm
>> create mask = 770
>> force group = cm
>>So here is what I need to figure it, to see if it is even possible.
>
>These settings mean that every one in @cm and jwilliams are allowed to
>edit and execute the file... and no one else can see it at all.
>
>>How can I set it up so this share through samba, so that only certain
>>users can have write access to this directory, and everyone else will
>>just have read access?
>>Anyone have suggestions on how to get this setup and working correctly?
>>Im thinking I need to setup users in a specific group and give the share
>>owned by that group. That group will have r/w access. Then, the rest of
>>my users will just have read access.
>>Anyone have any suggestions? Im at my wits end here almost. :)
>>Jason
>>
>>At 03:22 PM 8/6/2003 -0700, you wrote:
>>
>>>Hello everyone.
>>>
>>>Have a question here about controlling permissions and groups for Samba.
>>>
>>>Our samba server is being used by our users to access files through a
>>>program.
>>>In our initial testing, what I noticed is that once a user starts to
>>>work with the file, and their are any modifications done to it, it
>>>changes the owner to the user and the group to the group that the user
>>>belongs to.
>>>
>>>For instance, here is an example of a test file we were using.
>>>
>>>It had the owner of 'root' and the group of 'cm'.
>>>
>>>Once the user accessed the file through the program, made some changes,
>>>the owner and group were changed.
>>>They were now:
>>>
>>>owner = blackberry group = loans
>>>
>>>Couple quick questions here.
>>>What im trying to do is setup a repository so my users can access the
>>>files at any given time.
>>>However, I can that what is going on will definitely pose a problem.
>>>
>>>With that in mind, how can I make sure that any files that are accessed
>>>or created by a user still retain the origina user and group?
>>>
>>>Any suggestions here is greatly appreciated.
>>>
>>>Jason
>>>
>>>--
>>>To unsubscribe from this list go to the following URL and read the
>>>instructions: http://lists.samba.org/mailman/listinfo/samba
>
>
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: http://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list