[Samba] New Files in Samba

Robert Adkins II radkins at impelind.com
Thu Mar 27 15:57:45 GMT 2003 

Hello,

-----Original Message-----
From: samba-bounces+radkins=impelind.com at lists.samba.org
[mailto:samba-bounces+radkins=impelind.com at lists.samba.org] On Behalf Of
Eric Halverson
Sent: Thursday, March 27, 2003 9:37 AM
To: Jaques Metz
Cc: Samba List
Subject: Re: [Samba] New Files in Samba

>On Thu, 2003-03-27 at 08:31, Jaques Metz wrote:
>> Hi.
>> 
>> I've configured Samba to work as a dedicated file server, but when a
user >>create a new file in the shared directory, only this user can os
access >>this file. What should I do to change this?
>> 
>> Thanks.
>> 
>> Jaques Metz

	The answer is simple...

	Let's say that you have a partition labeled "share" and inside
it are a number of directories that you are sharing...

	cd in to the "share" partition...

	Then run this command...

	chmod -R g+s *

	What that will do is cause all files folders and sub-directories
to be created with the same group ownership as group user that access
and creates such files and folders. What you will end up with is the
following when running a ls -l :


	[root at BIGRED share]# ls -l
total 84
drwxrwsrwx    3 root     account      4096 Jan  9 10:57 account
drwxrws---   29 root     cad          4096 Mar 26 18:26 cad
drwxr-x---    5 root     root         4096 Jan 20 11:13 configurations
drwxrws---   26 root     docs         4096 Mar 25 12:11 docs
drwxrws---   31 root     inspect      4096 Mar 27 07:07 inspect
drwxrws---    3 root     jboss        4096 Mar 27 09:43 jobboss
drwxrws---    2 root     laser        4096 Mar 27 10:09 laser
drwxr-x---    2 root     root         4096 Mar 21 08:58 logfiles
drwxrwS---    2 root     root        16384 Jul 16  2002 lost+found
drwxrws---    3 root     mail         4096 Jan 22 14:05 mail
drwxrws---   12 root     mill         4096 Mar 27 10:08 mill
drwxrws---   18 root     dmusers      4096 Mar 24 13:55 profiles
drwxrws---   27 root     public       4096 Mar 26 16:02 public
drwxrws---   14 radkins  purchasi     8192 Mar 27 10:00 purchasing
drwxrws---    9 dgillesp qsman        4096 Mar  3 11:59 qs9000
drwxrws---    2 root     quotes       4096 Dec  5 10:33 quotes
drwxrws---    2 root     shipping     4096 Feb 22 09:06 shipping

	If you know how the above output is read... The first listing
shows what the files or directories are. The first group of 3 after the
'd' (which designates directory), refers to a user account, which in the
case of most of the directories is root. The second group of 3
characters refers to the group, which can easily be seen above. The
final group of 3 refers to world (meaning EVERYONE on the system)
rights. 

	If you are looking to fully utilize user and group security
rights, then the final set of three should be --- like they are above.
In the case of the second set of 3, the 's' denotes that all files and
folders created within those directories will have the same group
ownership rights attached to them.

	With this you can create a number of nested group/user rights.

>You'll want to look at the create mask (or create mode) options in that
>share.  If you want rwx access for the creator and primary group,
create
>mask would be 0770, if you want full access for everyone to have full
>access to the files, create mask would reflect 0777.  Just make sure
>that your create mask corresponds with the linux/unix file permission
>structure.

	For the LOVE OF GOD, please refrain from using the number method
when running chmod. You will have stricter control and actually KNOW
what rights you are handing out to the various users and groups on your
system when using the alpha character method.

	For example;

	chmod ug+rw some_text_file.txt

	Will put User "u" and Group "g" read "r" and write "w" rights
onto the file. This will allow the user that has his or her username
listed as the owner of the file as well as any members of the group that
are listed on the file. For the "World" rights use "o". To add such
rights use a "+" sign in between the "ugo" (User, Group, World) and the
"rwx" (Read, Write, Executable) and the "-" sign to take them away.

	If you have a group called Accounting that needs access to a
directory then use the following command...

	chown root:Accounting <directory_name>

	Then change the rwx rights to allow the group Accounting to use
the directory and files within.

	Then you can run whatever group ownership rights you want on
that directory and all Accounting group members will have access to the
files within.

	These two commands, chmod and chown, are likely the most
important UNIX/Linux commands that you could ever possibly learn. 

>-- 
>Eric Halverson <ehalverson at dchs.us>
>Doctors Care Health Services


Regards,
Robert Adkins II
IT Manager/Buyer
Impel Industries, Inc.
586-254-5800

More information about the samba mailing list