[Samba] samba permissions
Doug VanLeuven
roamdad at sonic.net
Tue Aug 30 04:13:11 GMT 2005
Scott Mayo wrote:
> There was another tech coordinator that asked the following on our list:
>
> > Hey all, I was wondering if anyone knew of a way to give students
> read/write permissions to a certain drive letter without giving them the
> ability to delete other (or thier own) files. Currently I have chmod
> 1770 permissions (read write, but only owner can delete) and one owner
> (the teacher) for all the files, but that will not allow the student to
> view thier own reports (??!) Any suggestions or help would be greatly
> appriciated.
>
> Can this actually be done? Make it to where the user that created the
> file cannot even delete it? It looks to me like you would have to deny
> write access to the user in the samba share, and if that is the case,
> then the file could not be written by the user, even if he/she is in the
> group that owns it.
>
> I played around with this quite a while, but could not see anything that
> would make it work.
>
> I was thinking of something like the following:
>
> DIR1 teacher.students 3770
>
> Then in Samba
>
> [data]
> path = /DIR1
> read only = no
> create mask = 460
> force mask = 2460
> directory mask = 770
> force directory mode = 3770
>
> But I don't think this works, because it is forcing read permissions on
> the user, so that would not let him/her write the file, correct? I
> assume that even though the user is in the group, which has permission,
> he is denied because his username does not have permissions.
>
Ought to be able to tinker with the recycle vfs module so instead of
preventing deletions, one has an audit trail of deletions.
Regards, Doug
More information about the samba
mailing list