[Samba] patch request - inherit owner

Thomas Heiligenmann thomas at heiligenmann.de
Tue Nov 22 07:19:51 GMT 2005


initiators at free.fr schrieb:
> Hello
> 
> I've a Samba server up and running (version 3.0.20b .deb found on
> samba.org on a Debian Sarge), but it's not yet in production cause I'm
> not satisfied with some file permissions.
> 
> The file permission I'd like to have would require to have files and
> directories to inherit owner user and and owner group, with rights 770
> and root.root as the owner. And the users rights being given trought the
> "inherit acls" option.
> The problem is "inherit owner" just works for the owner user, not the
> owner group, so a patch to add an "inherit owner group" option would be
> very useful.
> 
> 
> For the ones who want the full details here it goes:
> 
> We have one share per service (IT, R&D, commercial...).
> In each service the followin top level directories are created by by
> admin with the following rights, that can't be changed by users:
> - archives : One directory per year, with a service private data and a
> service public data directories, files not needed any more are archived
> here at the begening of each year. Same rights as bellow, with read
> write access becoming read access.
> - service stuff : Service stuff not submited to our quality process.
> Read write access for domain admins and service users.
> - service private data : Service private data submited to our quality
> process. Read write access for domain admins and service users, read
> access to quality service members.
> - service public data : Service public data (to share with other
> services) submited to our quality process. Read write access for domain
> admins and service users, read access to domain users.
> - service templates : Service Office and other software documents
> templates. Read write access for domain admins and the person
> responsible for the templates update, read access to domain users.
> 
> I've not found something better than what I exposed at the begining.
> 
> The problem with inherit owner not working for group owner is that any
> new created file belongs to the "Domain Users" (primary group for every
> user, many users belong to more than one service) with inherited rwx
> rights thus breaking access rights rules I want.
> 

Why not defining it explicitely in smb.conf? I'm happy with the folowing:

[mygroupshare]
     comment = My Group
     path = /data/shares/mygroup
     writable = yes
     valid users = @mygroup @admins
     create mode = 0660
     directory mode = 0770
     force directory mode = 2000
     force group = mygroup


Thomas


More information about the samba mailing list