[Samba] Samba permissions

Curtis Vaughan curtis at npc-usa.com
Tue May 27 19:18:48 GMT 2003

  Well, I thought I knew Samba permissions, but I guess I don't.

Currently, any user that has an account on the Samba server has access 
to the share "Accounting".

So, let's say I have user1, user2, user3, user4
I have added user1, user2 and user3 to the accounting group.  user4 is 
not a member of accounting.

On the server itself (not for Samba), I set up permissions for the 
folder as 774 for all directories and files therein.  User/group 
permission are set as admin.accounting

The samba section for this share reads:

	comment = Accounting
	path = /home/accounting
	read only = No
	create mask = 0770
	force create mode = 0770
	security mask = 0770
	directory mask = 0770
	force directory mode = 0770
	directory security mask = 0770
	inherit permissions = Yes

If any local user access this share, they also automatically become part 
of the accounting group (as far as samba is concerned).

Now, if I add a line "valid users = user1, user2, user 3" then of 
course, just they can get in. But that doesn't seem to be the right 
solution.  The right solution would be to permit only accounting group 
users into the folder.  What am I doing wrong?

Curtis Vaughan
North Pacific Corporation

WashTech (CWA Local 37083)
IWW x353203

More information about the samba mailing list