[Samba] patch request - inherit owner
initiators at free.fr
initiators at free.fr
Tue Nov 22 08:15:11 GMT 2005
Thomas Heiligenmann wrote:
> initiators at free.fr schrieb:
>> For the ones who want the full details here it goes:
>> We have one share per service (IT, R&D, commercial...).
>> In each service the followin top level directories are created by by
>> admin with the following rights, that can't be changed by users:
>> - archives : One directory per year, with a service private data and a
>> service public data directories, files not needed any more are archived
>> here at the begening of each year. Same rights as bellow, with read
>> write access becoming read access.
>> - service stuff : Service stuff not submited to our quality process.
>> Read write access for domain admins and service users.
>> - service private data : Service private data submited to our quality
>> process. Read write access for domain admins and service users, read
>> access to quality service members.
>> - service public data : Service public data (to share with other
>> services) submited to our quality process. Read write access for domain
>> admins and service users, read access to domain users.
>> - service templates : Service Office and other software documents
>> templates. Read write access for domain admins and the person
>> responsible for the templates update, read access to domain users.
>> I've not found something better than what I exposed at the begining.
>> The problem with inherit owner not working for group owner is that any
>> new created file belongs to the "Domain Users" (primary group for every
>> user, many users belong to more than one service) with inherited rwx
>> rights thus breaking access rights rules I want.
> Why not defining it explicitely in smb.conf? I'm happy with the folowing:
> comment = My Group
> path = /data/shares/mygroup
> writable = yes
> valid users = @mygroup @admins
> create mode = 0660
> directory mode = 0770
> force directory mode = 2000
> force group = mygroup
It's explained in the "details" part. There is one share per services,
but there are people not member of the service accessing the share.
More information about the samba