[Samba] Configure file sharing for Samba...

John H Terpstra jht at samba.org
Fri Oct 24 01:09:35 GMT 2003

On Thu, 23 Oct 2003, Matt Beglinger wrote:

> Hello,
> I'm setting a PDC/fileserver for my company. All the files are being
> hosted on the Samba PDC server. We have a single company directory that
> everyone in the company has full access to. Inside the shared company
> directory is a directory (among many others) that I would only like
> certain users to be able to view. I know this is possible but here's the
> problem:
> As far as I know, for everyone to share files happily I had to set the
> "force create mask" option to 0777. Without this option set whenever an
> employee would save a Word document and another employee were to load
> that document it would load as "read only". If I manually changed the
> permission to 777 for that file and that same employee were to reopen
> the file, it would open just fine without "read only" status. That's
> where I got the idea of forcing permissions to 777.
> So maybe I'm going about this all the wrong way, but to recap:
> We have a company directory that we want all employees to be able to
> view/edit/change whatever. But there is a directory within this shared
> directory that we would only like a certain list of people to have
> access to. But I've found it necessary to "force create mask" of 777
> because of the "read only" problem.
> Anyone have a idea. I'm stumped and haven't had any success yet.

Have you tried setting the user and group ownership of hte directory to
what you want, and then setting SUID/SGID on the dierectory? This way all
files in the directory get written with the ownership of the directory.

You can then have sub-directories that have differing user and group
ownership providing the exact effect you want.

Samba is share settings are a poor substitute for what is easily done in
the OS.

If you need further info check out the Samba-HOWTO.Collection.pdf for
Samba-3. It's available from the Samba Web site. You need to check the
chapter titled "File, Directory and Share Access Controls".

John T.
John H Terpstra
Email: jht at samba.org

More information about the samba mailing list