[Samba] Preventing deletion of folders under a SAMBA share

Stuart Callender stuart.callender at calstera.com
Fri Feb 4 06:23:53 GMT 2005


Hi Steve

Thanks for the reply.  I thought this too, but no matter what
permissions I give for existing folders via Unix permissions (even tried
sticky bits), or via the directory mask and force directory mode, the
folders can still be deleted.

Windows 2000 sees the folders as read only, but allows you to delete
them.  According to O'Rielly's Samba book (based on Samba 2), all should
work fine, but it doesn't.  I was wondering whether this is because of
Windows 2000 allowing delete of Read Only files.  As such I may have to
perhaps set up a Windows 95/98 box just to see.

Stuart

-----Original Message-----
From: Steve Simeonidis [mailto:SSimeonidis at computerpower.edu.au] 
Sent: 03 February 2005 22:32
To: Stuart Callender; samba at lists.samba.org
Subject: RE: [Samba] Preventing deletion of folders under a SAMBA share

You should be able to do it by manually applying Unix permissions
Or use force directory mode = and force directory security mode.

Steve

-----Original Message-----
From: samba-bounces+ssimeonidis=computerpower.edu.au at lists.samba.org
[mailto:samba-bounces+ssimeonidis=computerpower.edu.au at lists.samba.org]
On Behalf Of Stuart Callender
Sent: Friday, 4 February 2005 9:14 AM
To: samba at lists.samba.org
Subject: [Samba] Preventing deletion of folders under a SAMBA share


I am trying to set up a basic Samba server and configure it so that
folders under a share cannot be deleted accidentally by a user.  The
ideal scenario would be to have the top-level folders under the share
non-deleteable, but folders and files are able to be created under it.

I cannot find any easy way of doing this directly, but thought that the
use of the 'veto' option would work nicely, by just populating each main
top-level folder with a pre-named hidden file (ie. .do_not_remove), then
setting veto files = /*.remove/.  The theory of this would keep the main
folder structure intact.  However this option seems to be ignored by
Samba 3 and Windows 2000.  Windows 2000 will quite happily delete
read-only files - which seems to be an annoying trait that cannot be
overridden.

I have been working for weeks on this and have tried almost every
conceivable option from directory permissions to share permissions,
etc., with no luck.  Windows 2000 Server can do this quite easily, but
with obvious licencing costs.  I would be extremely disappointed if
there wasn't an open-source solution to this.  Is the something obvious
that I'm missing?

Samba has been compiled from source with --with-acl-support option.

All helpful comments would be much welcomed.

Thanks in Advance.

Stuart

---
Kernel 2.6 (SuSE 9)
Samba Version: 3.0.10
Windows Client: Windows 2000 Professional

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba






More information about the samba mailing list