[Samba] Multiple Users On One Share With Permissions=755 for Created Files

Ed Holden eholden at mclean.harvard.edu
Tue Nov 25 18:26:31 GMT 2003 

Dave,

I think the best way to set this up is not with a Samba feature, but 
rather with UNIX permissions on your Red Hat server.  Generally a shared 
directory needs a group "sticky bit" on the parent directory to be 
really useful.  So you'd make your research directory owned by root and 
by a group that we'll call "research."

  # ls -l
  drwxrwx---   root research

Then you'd add the sticky bit:

  # chmod g+s research
  # ls -l
  drwxrws---   root research

Note the "s."  The x is still there; if it weren't the S would be 
capitalized.  On directories a group sticky bit will cause amy 
newly-created contents to inherit the group of the parent directory.  So 
the ownership will be for each individual, but the group will be 
research, allowing everyone in that group to share files.  You should do 
that for all of your shared directories, including this one.

For this particular directory you should also use a mask on the share.

  [sharename]
  create mask = 0750
  directory mask = 0770

This will cause created files to be mode 750, which is rwxr-x---.  The 
directory mask allows people to create subdirectories that can then have 
files added to it.  Try that and see if it works.

-Ed

:: Ed Holden
:: Administrator, Research Information Systems
:: McLean Hospital

dpgirago at mdanderson.org wrote:
> Howdy Samba Group,
> 
> I'm about 2 clicks away from being a total Samba newbie, but I did manage 
> to get one up and running on RH9 in a W2K / Novell for Windows 
> environment.
> The shares are set up like this:
> 
> --  each member of the group has a private share accessible only from 
> their desktops
> --  a common share, 'research ', accessible to any member of the research 
> group from any of the computers belonging to any of these members
> --  a guest share accessible from anywhere in our subnet  ( by anyone who 
> knows the username and password, of course ).
> 
> And now I've been asked to set up  --  or alter the config file for  --  a 
> share for members of the research group whereby each member can create 
> files with RWX for themselves but others can only R - X . This is to allow 
> joint code development in the group. But not only do I not know how to do 
> this, I'm not sure it can even be done. Don't you access a share by 
> supplying a username and password, and wouldn't that then identify each 
> connection as that particular user? If so, then all files created would 
> essentially have been done so by the same user, no?
> 
> If anyone can confirm or contradict my thinking, or point me in the right 
> direction conceptually, I'd be much obliged.
> 
> TIA,
>  
> dave



Any information, including protected health information (PHI), transmitted
in this email is intended only for the person or entity to which it is
addressed and may contain information that is privileged, confidential and or
exempt from disclosure under applicable Federal or State law. Any review,
retransmission, dissemination or other use of or taking of any action in
reliance upon, protected health information (PHI) by persons or entities other
than the intended recipient is prohibited. If you received this email in error,
please contact the sender and delete the material from any computer.

More information about the samba mailing list