[Samba] Avoiding users change permissions

Simone simone72 at email.it
Sat Mar 27 02:18:37 GMT 2004

I finally set up samba 3 with ads, and acl support and everything works just great. The server is an AMD Duron 1200Mhz, 256Mb 266Mhz Ram, 2 ATA100 disks 10 Gb RAID1, 2 ATA133 200Gb RAID1 disks each one master on a separate ide port.
Forgive my english, it's my 17th consecutive hour at work and I'm pretty tired.
This server, that it's going to replace a win2k box, it's a fileserver, member of the active directory and has many shares that all users of the domain can access and modify. I would like to avoid people to "accidentally" change permissions, while Domain Admins should be able to do it. Here my smb.conf:


path = /samba/shares/data

comment = data folder

read only = no

browseable = yes

valid users = '@DOMAIN\Domain Users'

create mask = 0770

directory mask = 0770

directory security mask = 0000    

security mask = 0000

inherit acls = yes

admin users = '@Domain Admins'

In this case no one can change permissions, not even the Admins Group. If users try to do it they can only add new users to the share and finally end up being unable to get into the share again.

Before bothering you with this, I red the smb.conf man but couldn't completely figure out all the parameters that decide permissions (directory mask and security mask are clear but I've seen the parameter "security mode" and I couldn't undestrand how to use it since the example given is to allow everyone to change permissions and I have not been able to find any other example googling....my fault probably). I know I've been a bit confusing, but in the end I think you understood what is my goal. I'm going on experimenting and googling, but if there's anyone that already fixed this, I would really appreciate to be pointed in the right direction. (docs or whatever can help).

Another couple question, I'm moving all users share 12Gb from the win2k server to samba and I'm seeing an heavy memory load while cpu is never more than 40% with an average of 10%, is it normal? here's result of free:

[root at srvsmb01 root]# free

total used free shared buffers cached

Mem: 255872 253464 2408 0 7548 90280

-/+ buffers/cache: 155636 100236

Swap: 522040 36556 485484

Last question, I can choose Fedora or Slackware 9.1 (both already set up) and choose between kernel 2.4 and 2.6 (already compiled in both distro's). Would I have any appreciable benefit from using 2.6.4 kernel (apart from ACL native support) or is better to go for a more stable 2.4 kernel?

Are you still there??? Well, thanks for going this far. If anyone has any suggestion that would be very appreciated, it's my first server.......

Have a nice day

Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.642 / Virus Database: 410 - Release Date: 25/03/2004

More information about the samba mailing list