[Samba] share permissions

Gordon Messmer yinyang at eburg.com
Sat Feb 18 00:39:24 GMT 2006


Donald W Watson wrote:
> 
> If I have a samba server with the following share:
> 
>       [share1]
>             readlist    = user1
>             path = /tmp/share1
>             writelist = user2
> 
> On the surface this indicates that user1 can only read files in the share,
> while user2 and read and write.  However:
> 
> 1. If the share is mounted on another unix machine with "mount -t cifs"
> what effect does "-o username=<some user> have on the read/write behavior
> of files in the share?

All of the permissions processing on the samba server will be done in 
the context of <some user>.  All users on the client will share that 
context, in other words.

> 2. What effect do unix ownership and permissions of the files in the share
> have on read/write behavior of those files?

user2 will be able to write, *if* the unix permissions allow him to. 
user1 will never be able to write anything at all, regardless of the 
permissions on the files.

Naturally, that means that when someone connects to the server as user2, 
those permissions will be enforced.  Mounting the share on a unix system 
with cifs will not allow user1 and user2 to share a mount point and 
still get the appropriate security levels for each.


More information about the samba mailing list