[Samba] write list, read list, admin list does not work as expected
Alexander.Voelz at P7S1Produktion.de
Thu Jan 4 14:47:13 GMT 2007
my understanding on how read, write and admin access of a share work,
differs from what I observe4.
What I understood from the documentation is that
* if there's a read list the users in this list have ONLY read
access, no matter what the unix file/dir bits say
* the read list ist superceded by the write list. Users can write
IF the underlying unix-FS permits it.
* admin users have rw-access to every-file, no matter who the
I am asking, because what I want is
* Group A with admin access, so they can delete ALL files, no
matter who created them,
* Group W with write access, with every user able to create files,
and able to delete his own, only,
* Group R with read-only access. These users should only be able
to SEE what the others wrote.
In my samba-config it says:
* write list = @W
* admin users = @A
* read list = @R
* force create mode = 775
* force directory mode = 755 # default
I have a directory which has the unix bits 777:
* drwxrwxrwx+ 2 vjuser vjusers 8192 Jan 4 10:32 Archive
But smbcacls says:
> smbcacls //serverA/share Archive -U "DOMAIN/vo03a"
And I can't change this with smbcacls:
vo03a is Member of A:
> getent group A
xxx0422z is Member of W:
> getent group W
Did I at least understand the purpose of the different lists right?
Anyone with experience using these lists?
I don't think it matters, but the domain is a win2000SP1 domain, serverA
is just samba, no domain function. The groups are defined at domain
Level, as the users are.
Any advice is appreciated.
More information about the samba