[Samba] Re: How to create a write-only share?

Scott Lovenberg scott.lovenberg at gmail.com
Mon Apr 7 08:21:39 GMT 2008

Ash Gosh wrote:
> On Fri, Apr 4, 2008 at 6:55 PM, Ash Gosh <gosha.asha at gmail.com> wrote:
>> Hi!
>> I need to create a share that will be readable by root only (by owner) and
>> writeable for all. We are replacing a dead Windows NT 4.0 server and there was a
>> permission type called "Add" and our users use this type of permission
>> often. They create shares where other users can add files but can not
>> read or even list it. I saw a thread here called "How to make "Add
>> permission" for folder in system with ntacl support?<http://archives.free.net.ph/message/20071031.173732.50cc2cef.en.html>"
>> but there was no solution published. I believe that there is a solution, I
>> hope so.
> Hello,
> It's me again, sorry for bothering. Does this problem have a solution? I need
> to replace a dead Win NT 4 server quickly so please let's start a discussion.
> Maybe I'll need to select a filesystem other than ext3 or even the server
> OS, to Solaris with ZFS for example? Please help
> Thanks in advance,
> Ash.
I think I did this once a couple of years ago using NT style policy and 
the firewall policy object.  IIRC, I did it all at the file system 
level; each computer's SYSTEM service was allowed to write to a text 
file that it couldn't read.  The file was owned as "root:someGroup" 
with 720 perms.  This file was in a directory called 'logs' owned 
"root:someGroup" with 710 perms.  The directory that 'logs' was 
contained within was owned by "root:someGroup" with 710 perms and was 
exported as a hidden share (I think I used the '$' hidden share trick), 
which 'someGroup' was allowed to write to.  That's off the top of my 
head, and it may not be correct, but if you can mock it up with VMWare 
and a liveCD, that will at least get the ball rolling, I hope.  I'm 
fairly sure it worked as advertised, but it never made it to production, 
so I didn't document it or anything.
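
The ownership and mode layout described in the reply above, evaluated with the standard Unix owner/group/other check (an added example, not part of the original post). The uid/gid numbers and the 730 drop directory are assumptions made for illustration; POSIX ACLs and Samba's own share settings are not modelled.

```python
from dataclasses import dataclass

R, W, X = 4, 2, 1  # classic rwx permission bits

@dataclass(frozen=True)
class Node:
    uid: int       # owning user
    gid: int       # owning group
    mode: int      # permission bits, e.g. 0o710
    is_dir: bool

def triplet(node, uid, gids):
    """rwx bits that apply to this caller: exactly one class is used, no fall-through."""
    if uid == node.uid:
        return (node.mode >> 6) & 7
    if node.gid in gids:
        return (node.mode >> 3) & 7
    return node.mode & 7

def abilities(path, uid, gids):
    """path lists Nodes from the exported directory down to the target."""
    *parents, target = path
    # Every parent directory must grant search (x) or the target is unreachable.
    reachable = all(triplet(d, uid, gids) & X for d in parents)
    p = triplet(target, uid, gids) if reachable else 0
    if target.is_dir:
        return {"list": bool(p & R),
                "create": (p & (W | X)) == (W | X),  # new entries need w and x
                "traverse": bool(p & X)}
    return {"read": bool(p & R), "write": bool(p & W)}

# Constructed ids: root is uid 0, 'someGroup' is gid 1000, a member is uid 1001.
ROOT, SOME_GROUP, MEMBER = 0, 1000, 1001
SHARE = Node(ROOT, SOME_GROUP, 0o710, True)     # exported directory
LOGS = Node(ROOT, SOME_GROUP, 0o710, True)      # 'logs' inside it
LOGFILE = Node(ROOT, SOME_GROUP, 0o720, False)  # the text file
DROPBOX = Node(ROOT, SOME_GROUP, 0o730, True)   # assumed variant, not from the post

if __name__ == "__main__":
    for name, path in [("log file", [SHARE, LOGS, LOGFILE]),
                       ("logs dir (710)", [SHARE, LOGS]),
                       ("drop dir (730)", [SHARE, DROPBOX])]:
        print(name, abilities(path, MEMBER, {SOME_GROUP}))
```

With these modes a group member can write to the existing file without reading it, while adding new files to a directory that cannot be listed needs group write plus search on that directory, as in the assumed 730 variant.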
