[Samba] Samba file security
kamal_ahmad at intersolutions.stpn.soft.net
Thu Dec 7 06:55:55 GMT 2006
I am agree with you after setting the "create mask = 0555" & "directory mask = 0555". Newly created gets the permission of 544 see below. I am not able to delete this from the some of the windows2kprofessional machines its OK what I want.......But from some of the windows machines I am able to delete the same file with same user(here k1 is the sambauser and also the machine user).
-r-xr--r-- 1 k1 system 273 Nov 23 13:54 cm.txt
I also changed the force owner & force group. But it didn't help, the owner who is posting the file is deleting the same file, which I don't want.
[ My requirement : anyone(valid user) can post the file in samba share, but not delete/modify that file ]
We are using
Redhat Linux ES 3
Samba - 3.0.0-14
----- Original Message -----
From: Matt Skerritt
To: Naveen C Joshi
Cc: samba at lists.samba.org
Sent: Wednesday, December 06, 2006 7:58 PM
Subject: Re: [Samba] Samba file security
On 07/12/2006, at 12:42 AM, Naveen C Joshi wrote:
I have created the "read list" and "write list", but I want that "write list" members also can not delete the files once they upload it on samba server. While the "read list" members can only read the files but can not upload files on the samba server.
Hmmm ... do you want to them to be able to be able to change the contents of the files, but not delete them? If so then I think it's impossible for a filesystem that uses the posix rwx file permission bits. It may be possible if you're using solaris with zfs, I'm not sure - I'll check on my server later but your initial email said you were using Redhat so I guess it doesn't matter. If you want the users to only be able to add new files (but never change or delete old files) then just set the file create mask to make sure that newly created files don't get write permissions, like Cleber P. de Souza suggested in the other email.
matt.skerritt at agrav.net
More information about the samba