[Samba] file permissions on home directories and admin user copying files to it

Christian Nabski christian.nabski at emd.be
Fri Nov 14 00:11:50 GMT 2003 

Hi Aaron,

Thanks for your answer. 
I already set the create mask for files and directories :
for files 0600 --> user can only write and read
for directories 0700 --> directories can be read and entered (executed) by 
the user

This however only sets the rights and not the ownership.

The problem arises when an admin (in the adminlist) copies files from 
another drive/share/... to the home share of a user via samba.
These copied files have then as owner root. The effect of this (0600 and 
root ) is that the user can not read or write to this file.

This is in fact a test server for a customer. 
What they actually want is the behavior of windows :
the copied files inherit the rights of the directory where they are 
created.
eg : homedir : 0700 owner : "the user" group "domain users"
The admin copies or created a file example.txt in homedir.
--> rights of example.txt : 0600 owner "the user" group "domain users"

The group ownership is possible with chmod g+s homedir or chmod 2700 
homedir.

If I would set a create mask for files as 0660 and for directories 0770 
the problem would be solved but I wanted the restrict the rights to the 
ones set.
And I don't want to maintain private groups (ala redhat) for these users.

I am just wondering how other people do this with admins which don't know 
anything about unix file permissions ?


Regards,

Christian



Aaron Collins <Hellfire at fastq.com> wrote on 13/11/2003 21:19:13:

> 
> You should have a look at the create mask option, it says what the
> default permissions should be on files that get created.  This will
> override the default unix behavior. 
> See also inherit permissions , directory mask, force create mode and
> force directory mode   I think these are the options your looking for in
> your smb.conf
> 
> -Aaron c
> 
> On Thu, 2003-11-13 at 11:40, Christian Nabski wrote:
> > We want to copy files with the group in the admin list of the [homes] 
> > share. The problem is that the copied files then are owned by root.
> > I know this is normal unix behavior. However we want the copied files 
to 
> > be owned by the user of the homeshare. 
> > 
> > I read the samba howto section "Users Cannot Write to a Public Share".
> > Although I want to set the owner on the home shares and not on a 
public 
> > share.
> > The mentioned section however does not seem to work on Redhat 7.3 nor 
RH 
> > AS 3 ?
> > The group gets set correctly (gets changed to the group who owned the 
> > directory) but the user stays the same. 
> > I am wondering if this is a particular issue with the Redhat 
distribution 
> > or something else ? 
> > 
> > For now I tried this "solution" :
> > 
> > in [homes] : 
> > root preexec = chown -R %S %P
> > 
> > This works but I wonder if this is good solution ?
> > 
> > 
> > Christian
>

More information about the samba mailing list