[Samba] ACL's and permissions
Tom Dickson
bombcar at bombcar.com
Tue Oct 21 03:17:34 GMT 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The share permissions override everything else.
You can manage the share permissions through the MMC (not sure how to do
this; check the HOWTO).
So, you'll have to add terry to the share list first.
This is the same as sharing a folder under Windows; if I'm not in the
permissions for the share, I can't access the files even if I am in the ACL.
- -Tom
Douglas Phillipson wrote:
| I'm really struggling with ACL's and permissions. I have a share owned
| by a user (douglas). Douglas can read, write and create to the share:
|
| [public]
| comment = Public Stuff
| path = /home/samba/pub
| nt acl support = yes
| public = yes
| admin users = douglas
| write list = douglas
|
| I'm logged in to Win2000 as douglas. Through the security tab on
| Win2000 I add read and write permission to the top level share called
| public (but it's not really public) for "terry". I see terry in the
| list and everything seems to go OK in setting it. Then I log off and
| login as terry. Terry has no write access to the share. What takes
| precedence? The share definition in smb.conf or settings through the
| security tab in windows, which should be the ACL's. Does adding a user
| through the security tab effectively add another user to the "write
| list". If so, it isn't. What am I doing wrong?
|
| Here are the linux permissions:
|
| ls -ld /home/samba/pub
| drwxrwxrwt 3 douglas douglas 4096 2003-10-20 22:18
| /home/samba/pub
|
| Here are the ACL's from linux
| getfacl -R --skip-base /home/samba/pub
|
| getfacl: Removing leading '/' from absolute path names
| # file: home/samba/pub
| # owner: douglas
| # group: douglas
| user::rwx
| user:terry:rwx
| group::r-x
| mask::rwx
| other::rwx
| default:user::rwx
| default:user:terry:rwx <<<<< Shouldn't terry have rwx access
| according to this?
| default:group::---
| default:mask::rwx
| default:other::---
|
|
|
|
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE/lKVORliD/69byygRAhomAJ0XaBLHVXE9Ki473/ok50FcatsfuQCbBxWY
SbvgEPo/5rHSF8+r21FYUrc=
=YTuK
-----END PGP SIGNATURE-----
More information about the samba
mailing list