[Samba] Re: Re: force user vs read list

[Mark]

"John H Terpstra" <jht at samba.org> wrote in message
news:Pine.LNX.4.50.0403122106120.2247-100000 at dp.samba.org...
> On Fri, 12 Mar 2004, Mark wrote:
>
> > "John H Terpstra" <jht at samba.org> wrote in message
> > news:Pine.LNX.4.50.0403112205460.9319-100000 at dp.samba.org...
> >
> > > This is a poor solution. The 'force user' and 'force group' directives
> > > have serious side-effects and should be avoided if possible,
> >
> > I have a lot of shares defined with force user and I've been
experimenting
> > with other methods as described in the HowTo.  The following is an
example:
> >
> > [tester]
> >         comment = test share
> >         path = /share/tester
> >         valid users = @Engineers
> >         read only = No
> >         delete readonly = Yes
> >
> > The only problem I have not been able to overcome is that only the owner
of
> > a file can change it to read-only status or back to read-write status.
I
> > understand that this is posix behavior, but it isn't what my users want
> > (they don't really understand or care about file ownership!).  Is there
a
> > workaround other than "force user"?  What I'm looking for is something
like
> > the "delete readonly" directive except applied to the read-write status.
>
> If you have the book "The Official Samba HOWTO and Reference Guide"
> (TOSHARG) refer to section 12.6.1, 12.6.3. When referring to the
> Samba-HOWTO-Collection.pdf see section 13.6.1 and 13.6.3.
>
> In short:
>
> Set the SUID/SGID bits on the directory you have shared. Then make
> all users a member of the same group. This will solve your access
> problem.

Yes, I've tried that.  Combined with the addition of the directive
"dos filemode" it gets me 99% of what I need.  All users in the group have
access and everything works great except:

any user can change any file to read-only (which is good),
but then,
only the owner of the file can reset it to read-write (which is not what I
want).

See what I mean?

Mark