[Samba] Samba file security

[Kamal Ahmad]

I am agree with you after setting the "create mask = 0555" & "directory mask = 0555". Newly created gets the permission of 544 see below. I am not able to delete this from the some of the windows2kprofessional machines its OK what I want.......But from some of the windows machines I am able to delete the same file with same user(here k1 is the sambauser and also the machine user).

-r-xr--r--    1 k1       system        273 Nov 23 13:54 cm.txt

I also changed the force owner & force group. But it didn't help, the owner who is posting the file is deleting the same file, which I don't want.

 [ My requirement : anyone(valid user) can post the file in samba share, but not delete/modify that file ]

We are using 
Redhat Linux ES 3
Samba - 3.0.0-14 
  ----- Original Message ----- 
  From: Matt Skerritt 
  To: Naveen C Joshi 
  Cc: samba at lists.samba.org 
  Sent: Wednesday, December 06, 2006 7:58 PM
  Subject: Re: [Samba] Samba file security




  On 07/12/2006, at 12:42 AM, Naveen C Joshi wrote:


    I have created the "read list" and "write list", but I want that "write list" members also can not delete the files once they upload it on samba server. While the "read list" members can only read the files but can not upload files on the samba server.





  Hmmm ... do you want to them to be able to be able to change the contents of the files, but not delete them? If so then I think it's impossible for a filesystem that uses the posix rwx file permission bits. It may be possible if you're using solaris with zfs, I'm not sure - I'll check on my server later but your initial email said you were using Redhat so I guess it doesn't matter. If you want the users to only be able to add new files (but never change or delete old files) then just set the file create mask to make sure that newly created files don't get write permissions, like Cleber P. de Souza suggested in the other email.


  --
  Matt Skerritt
  matt.skerritt at agrav.net