[Samba] samba permissions

Scott Mayo sgmayo at mail.bloomfield.k12.mo.us
Mon Aug 29 22:25:20 GMT 2005


There was another tech coordinator that asked the following on our list:

 > Hey all, I was wondering if anyone knew of a way to give students 
read/write permissions to a certain drive letter without giving them the 
ability to delete other (or thier own) files. Currently I have chmod 
1770 permissions (read write, but only owner can delete) and one owner 
(the teacher) for all the files, but that will not allow the student to 
view thier own reports (??!) Any suggestions or help would be greatly 
appriciated.

Can this actually be done?  Make it to where the user that created the 
file cannot even delete it?  It looks to me like you would have to deny 
write access to the user in the samba share, and if that is the case, 
then the file could not be written by the user, even if he/she is in the 
group that owns it.

I played around with this quite a while, but could not see anything that 
would make it work.

I was thinking of something like the following:

DIR1   		teacher.students		3770

Then in Samba

[data]
	path = /DIR1
	read only = no
	create mask = 460
	force mask = 2460
	directory mask = 770
	force directory mode = 3770
	
But I don't think this works, because it is forcing read permissions on 
the user, so that would not let him/her write the file, correct?  I 
assume that even though the user is in the group, which has permission, 
he is denied because his username does not have permissions.

Thanks.

-- 
Scott Mayo
Technology Coordinator
Bloomfield Schools
PH: 573-568-5669
FA: 573-568-4565
Pager: 800-264-2535 X2549

Duct tape is like the force, it has a light side and a dark side and it
holds the universe together.


More information about the samba mailing list