[Samba] Problem with subfolder permissions within share

Mark Adams mark at campbell-lange.net
Wed Apr 11 13:04:43 GMT 2007

> On Wed, Apr 11, 2007 at 10:14:49AM +0200, Jethro Hermans wrote:
> > > I want to do the following set-up but I don't succeed in it:
> > > 
> > > e.g.:
> > >
> > > users: user1
> > >        user2
> > >        user3
> > >
> > >share: "test" with access from user1,2 and 3
> > >
> > > Now I want to create a subfolder in "test" e.g. "subtest" but only with 
> > > access for user1 and 3 but I'm not able to do that.
> > > Is there a solution for this?
> > I assume that all of these users are in a group e.g "group1" that has
> > read/write access, and you are allowing @group1 for the valid users =
> > access in smb.conf?
> >
> > To get what you want you could create another group "group2" that
> > allows read/write permission to "subtest" with only user1 and user3 in
> > the group.
> Jethro wrote privately
> Do you want to say that I have to create a second folder (as
> subfolder)
> in the smb.conf with only these users as valid?<br> Is this the only
> right way to do this or is there maybe a way to do this in windows.<br>
> Because I created the subfolder via windows so it would be more easy to
> manage the permissions and allowed users also that way.<

Hi Jethro,

Please make sure when you reply to mailing list messages that you 'Reply
All' as the information may be useful for other users if they have
similar issues.

To answer your question, No i'm not talking about adding an extra entry
in the smb.conf, as it is in the same container as your first share it
would still be visible even if you did this.

I am talking about setting the folder permissions in linux. You can do
what you are asking effectively using groups.

I suggest you do the following;

Create 2 groups on your linux server; group1 and group2

Add user1, user2, and user3 to group1.
Add user1 and user3 to group2.

Change your smb.conf config for "test" so it has 

valid users = @group1

using the @ sign means it will allow the people in that group, rather
than having to add multiple users

Then set the perms (chmod) on the "test" folder in the filesystem to 2774
(the 2 is important as this sets "SGID or Set group id" this will
ensure any files created in this folder, no matter by what user, will
always set the group)

Change the group ownership (chgrp) recursively to group1 for "test"

cd in to "test" and change the group ownership of "subtest" to group2

Set the perms of 2774 for the "subtest" folder.

Once this is done it should work as you desire, if user1 or user3 logs
in, they will have access to all folders. If user2 logs in, they will
not have access to "subtest".

I would recommend you read a bit more about linux if you intend to use
it. Especially about permissions, see the following link for more



More information about the samba mailing list