[Samba] Question regarding share security

Mark Ratering techsupport at meteor-web.com
Tue May 10 10:53:20 GMT 2005 

I have a samba server set up with a few shares and about 5 different 
users.  My issue is this:  Whenever the admin user writes a new file to 
the 'data' share the unix permissions become admin, admin.  Then the 
guys in sales cant read it.  The same happens with our art department.  
How to i tell Samba that any file written to the 'data' share by an 
authenticated user should have the permissions 770 with root, data as 
username/group?

My other question is regarding a strange issue with a OS X computer.  It 
says that the fileserver has run out of space and it cannot write any 
more.  I am not implementing any sort of limiting on the amount of space 
that any user may use.  Copying works fine from windows computers.


Here the majority of the config i use now.  I had to remove a few lines 
in the interest of security.

# Global parameters
[global]
        #NetBIOS settings
        netbios name            =       SMBSERVER
        workgroup               =       SMBDomain
        server string           =       CIFS Server

        log file                =       /var/log/samba/log.%m
        max log size            =       50
        time server             =       yes
        hide dot files          =       yes
        log level               =       2

        #Logon options
        logon script            =       %U.bat
        #This turns off roaming profiles
        logon path              =

        #Security settings
        security                =       user
        domain logons           =       yes
        encrypt passwords       =       yes

        #Turn on the WINS server
        wins support            =       yes

        #Make sure that Samba is the master browser and domain master 
browser
        domain master           =       yes
        local master            =       yes
        preferred master        =       yes
        os level                =       65

        #Scripts for adding computers and users to the domain
        add user script         =       /usr/sbin/useradd -d 
/var/lib/nobody -g 100 -s /bin/false -M %u
        add machine script      =       /usr/sbin/useradd -d 
/var/lib/nobody -g 100 -s /bin/false -M %u

[netlogon]
        path                    =       /files/netlogon
        writable                =       no
        browsable               =       no

[phone]
        comment                 =       Files
        valid users             =       art,dev,sales,admin
        writeable               =       yes
        write list              =       art,dev,sales,admin
        path                    =       /wwwroot/html

[files]
        comment                 =       Files
        valid users             =       art,dev,sales,admin
        writeable               =       yes
        write list              =       art,dev,sales,admin
        path                    =       /share/data

More information about the samba mailing list