[Samba] Permissions Issue
Scott Lovenberg
scott.lovenberg at gmail.com
Tue Jun 24 16:42:24 GMT 2008
Doug Tucker wrote:
> Hello group, this issue is driving me crazy, there just has to be a
> simple way to do this that I am missing! I have a share, SOP. The file
> system maps to /dir/dir/sop. If I have a set of users that need write
> access to this directory, but only want to allow another set of users
> read only access, how can I accomplish this? From the man pages, it
> looks like I can set the share to read only, and use the directive
> write list = @groupname to allow certain users write access to this read
> only share, but, I don't want to allow everyone read access, I want to
> only allow certain other users (that I can put in a group) read only
> access. Any ideas?
>
> Sincerely,
>
> Doug
>
>
Yeah, like almost all permissions things, do this one at the file system
level. Create a group 'writeGroup'; make perms like such:
root:writeGroup 2664 /dir/dir/sop
The setGid will ensure that all files written to sop are part of the
write group, the owner has full control and writeGroup will have write
perms, everyone else is read only. Also, you might want to set the
sticky bit so only the owner can delete a file they created. That's how
I'd do it, at least. I always do permissions at the lowest layer
possible so I can easily change shares without worrying about share
semantics. They get ugly when things start getting nested.
More information about the samba
mailing list