[Samba] inherit permisssions in share/dir/subdir

Rob Shepherd rob at techniumcast.com
Thu Mar 29 10:23:41 GMT 2007


Dear samba users,

inherit permissions & g+s works great as a single share for different 
groups of users.

However I've found a limitation/bug/shortcoming.....

I can't write as a specific group into a sub-sub-directory of a share.

I'll step through my working share....

I've got a share with inherit permissions = yes and g+s on directories.

I've then got a folder called Knowledge_Transfer

ls -lad Knowledge_Transfer/
drwxrwsr-x   2 root     ktp            2 Mar 29 10:33 Knowledge_Transfer/

So people who have supplementary group membership of ktp group can 
read/write to this directory of the share. No one else can....

This is fine.

I've then got a folder called Admin.

Inside Admin should be subdirectories of different things again, such as 
Finance.  No one should be able to write files into the Admin directory, 
but should be able to write into directories beneath, for which theyhave 
access.....

Admin looks like......

ls -lad Admin/
drwxr-sr-x   5 root     root           5 Mar 29 10:47 Admin/

ls -lad Admin/Finance/
drwxrwsr-x   2 julie    dsr-jaa        2 Mar 29 10:32 Admin/Finance/

So I want people in the dsr-jaa supplmentary group to write into 
Finance, but no other.

But this doesn't work..... I get access denied on Windows XP client.

 From the logs, it looks like it's inheriting from Admin/Finance, not 
just Finance.

Is there some combination arithmetic which decides what permissions get 
inherited in this circumstance, i.e. nested directories.

[2007/03/29 11:06:17, 2] smbd/dosmode.c:unix_mode(96)
   unix_mode(Admin/Finance) inheriting from Admin
[2007/03/29 11:06:17, 2] smbd/dosmode.c:unix_mode(104)
   unix_mode(Admin/Finance) inherit mode 42755
[2007/03/29 11:06:17, 2] smbd/dosmode.c:unix_mode(96)
   unix_mode(Admin/Finance) inheriting from Admin
[2007/03/29 11:06:17, 2] smbd/dosmode.c:unix_mode(104)
   unix_mode(Admin/Finance) inherit mode 42755
[2007/03/29 11:06:17, 2] smbd/dosmode.c:unix_mode(96)
   unix_mode(Admin/Finance) inheriting from Admin
[2007/03/29 11:06:17, 2] smbd/dosmode.c:unix_mode(104)
   unix_mode(Admin/Finance) inherit mode 42755
[2007/03/29 11:06:17, 2] smbd/dosmode.c:unix_mode(96)
   unix_mode(Admin) inheriting from .
[2007/03/29 11:06:17, 2] smbd/dosmode.c:unix_mode(104)
   unix_mode(Admin) inherit mode 42755
[2007/03/29 11:06:19, 2] smbd/dosmode.c:unix_mode(96)
   unix_mode(Admin/Finance/New Text Document.txt) inheriting from 
Admin/Finance
[2007/03/29 11:06:19, 2] smbd/dosmode.c:unix_mode(104)
   unix_mode(Admin/Finance/New Text Document.txt) inherit mode 42775
[2007/03/29 11:06:19, 2] smbd/dosmode.c:unix_mode(96)
   unix_mode(Admin/Finance/New Text Document (2).txt) inheriting from 
Admin/Finance
[2007/03/29 11:06:19, 2] smbd/dosmode.c:unix_mode(104)
   unix_mode(Admin/Finance/New Text Document (2).txt) inherit mode 42775

this was me going rightclick->new Text document on WinXP client.
it seems it's trying twice for some reason....

Any help would be appreciated.

Cheers

Rob

-- 
Rob Shepherd BEng PhD | Computer and Network Engineer | CAST Ltd
Technium CAST | LL57 4HJ | http://www.techniumcast.com
rob receives mail at techniumcast.com | 01248 ****** | ****** *****


More information about the samba mailing list