[Samba] Problem with subfolder permissions within share

Thu Apr 12 13:13:38 GMT 2007

Yes you must chmod so the group has full access, and also make sure you
set the correct group with chgrp.

Also note that you either must have SGID set on the directorys (Only
directories) OR force group = group in smb.conf

On Thu, Apr 12, 2007 at 11:29:40AM +0100, Bruno Silva wrote:
> 
> Just an question, im currently having the same problem here
> So 
> main share has to be valid users =@group_containing_all_users
> sub folders must be chmoded to the special group permissions right?
> 
> -----Mensagem original-----
> De: Mark Adams [mailto:mark at campbell-lange.net] 
> Enviada: quarta-feira, 11 de Abril de 2007 14:05
> Para: Jethro Hermans
> Cc: samba at lists.samba.org
> Assunto: Re: [Samba] Problem with subfolder permissions within share
> 
> > On Wed, Apr 11, 2007 at 10:14:49AM +0200, Jethro Hermans wrote:
> > > > I want to do the following set-up but I don't succeed in it:
> > > > 
> > > > e.g.:
> > > >
> > > > users: user1
> > > >        user2
> > > >        user3
> > > >
> > > >share: "test" with access from user1,2 and 3
> > > >
> > > > Now I want to create a subfolder in "test" e.g. "subtest" but only
> with 
> > > > access for user1 and 3 but I'm not able to do that.
> > > > Is there a solution for this?
> > 
> > > I assume that all of these users are in a group e.g "group1" that has
> > > read/write access, and you are allowing @group1 for the valid users =
> > > access in smb.conf?
> > >
> > > To get what you want you could create another group "group2" that
> > > allows read/write permission to "subtest" with only user1 and user3 in
> > > the group.
> >
> > Jethro wrote privately
> > Do you want to say that I have to create a second folder (as
> > subfolder)
> > in the smb.conf with only these users as valid?<br> Is this the only
> > right way to do this or is there maybe a way to do this in windows.<br>
> > Because I created the subfolder via windows so it would be more easy to
> > manage the permissions and allowed users also that way.<
> 
> Hi Jethro,
> 
> Please make sure when you reply to mailing list messages that you 'Reply
> All' as the information may be useful for other users if they have
> similar issues.
> 
> To answer your question, No i'm not talking about adding an extra entry
> in the smb.conf, as it is in the same container as your first share it
> would still be visible even if you did this.
> 
> I am talking about setting the folder permissions in linux. You can do
> what you are asking effectively using groups.
> 
> I suggest you do the following;
> 
> Create 2 groups on your linux server; group1 and group2
> 
> Add user1, user2, and user3 to group1.
> Add user1 and user3 to group2.
> 
> Change your smb.conf config for "test" so it has 
> 
> valid users = @group1
> 
> using the @ sign means it will allow the people in that group, rather
> than having to add multiple users
> 
> Then set the perms (chmod) on the "test" folder in the filesystem to 2774
> (the 2 is important as this sets "SGID or Set group id" this will
> ensure any files created in this folder, no matter by what user, will
> always set the group)
> 
> Change the group ownership (chgrp) recursively to group1 for "test"
> 
> cd in to "test" and change the group ownership of "subtest" to group2
> 
> Set the perms of 2774 for the "subtest" folder.
> 
> Once this is done it should work as you desire, if user1 or user3 logs
> in, they will have access to all folders. If user2 logs in, they will
> not have access to "subtest".
> 
> I would recommend you read a bit more about linux if you intend to use
> it. Especially about permissions, see the following link for more
> information;
> 
> http://www.zzee.com/solutions/linux-permissions.shtml
> 
> Regards,
> Mark
> 
> 