[Samba] directory permissions & smb.conf

Marian Mlcoch, Ing mm at tsmp.sk
Tue Apr 20 10:42:42 GMT 2004


Hi Marcus

simply mistake is use of valid users on share conf. This clause block any
another users to access it and is useful for restrictive configs.
First choice to create best access system is not use valid users and write
list but create proper setup of linux passwd and groups items.
Samba automatic work with this acces rights when user is logged to share.
> [Electrical]
>     writable = yes
>     path = /share/share/Electrical
User on linux can own more groups needed to work.
But when you use directory ass owwner root and group Xxx when user connect
to your share have write access then new files created by it have user owner
not root and primary user group not group by updir! Then new files is not
accessible for another users of share if you not set proper create mode mask
and gruops... Samba default setup is set for user security not group.

You must understand linux file system rights for best setup samba.

If need help write bye.



----- Original Message ----- 
From: "marcusv" <marcusv at siemagblanes.co.za>
To: <samba at lists.samba.org>
Sent: Tuesday, April 20, 2004 9:56 AM
Subject: [Samba] directory permissions & smb.conf


> Hi there guys.
>
> I'm new to the list.
> I have googled and yahooed, and been to several other mailing list to
> see if I can find help there.
> But with no luck.
>
> I'm trying to setup a share for several departments for our company.
> So when I installed RedHat 9.0 I created a 30Gb partition.
>
> Please bare with me as I explain what I would like to do.
> I have a directory
> drwxrwx----    5 root    siemagelec    4096 Apr 15 13:46 share
> within this directory.
> drwsrwx---    3 root    siemagelec    4096 Apr 19 15:43 share
> within this directory.
> drwxrwx----    5 root    siemagelec    4096 Apr 15 13:46 Electrical
> drwxrwx----    5 root    Marketing    4096 Apr 15 13:46 Marketing
> drwxrwx----    5 root    Capital    4096 Apr 15 13:46 Capital
>
> So meaning that if you have access to the 2nd share directory and you
> belong to siemagelec you will only be able to access [read/write to the
> Electrical folder]
> This works,But it does not work for any of the other folders E.G
>
> Marketing
> Capital
>
> Unless I change the group for the /share directory. as well as the group
> for the /share/share directory.
>
> Now I'm not to sure what group these directories belong to.? and if I
> should leave it as root.
>
> Or is it possible to create another group, lets call it siemag, and in
> stead of adding users to this group, add groups to it.
>
> smb.conf file
> [Electrical]
>     writable = yes
>     valid user = @siemagelec
>     write list = @siemagelec
>     path = /share/share/Electrical
>
> [Marketing]
>     writable = yes
>     valid user = @marketing
>     write list = @marketing
>     path = /share/share/Marketing
>
> [Capital]
>     writable = yes
>     valid user = @capital
>     write list = @capital
>     path = /share/share/Capital
>
> PS* I belong to all three groups.
> Any assistance/pointers would be appreciated.
>
> Marcus Van Wyk
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba



More information about the samba mailing list