[Samba] Permissions Issue

Scott Lovenberg scott.lovenberg at gmail.com
Tue Jun 24 16:42:24 GMT 2008

Doug Tucker wrote:
> Hello group, this issue is driving me crazy, there just has to be a
> simple way to do this that I am missing!  I have a share, SOP.  The file
> system maps to /dir/dir/sop.  If I have a set of users that need write
> access to this directory, but only want to allow another set of users
> read only access, how can I accomplish this?  From the man pages, it
> looks like I can set the share  to read only, and use the directive
> write list = @groupname to allow certain users write access to this read
> only share, but, I don't want to allow everyone read access, I want to
> only allow certain other users (that I can put in a group) read only
> access.  Any ideas?
> Sincerely,
> Doug
Yeah, like almost all permissions things, do this one at the file system 
level.  Create a group 'writeGroup'; make perms like such:
root:writeGroup 2664 /dir/dir/sop

The setGid will ensure that all files written to sop are part of the 
write group, the owner has full control and writeGroup will have write 
perms, everyone else is read only.  Also, you might want to set the 
sticky bit so only the owner can delete a file they created.  That's how 
I'd do it, at least.  I always do permissions at the lowest layer 
possible so I can easily change shares without worrying about share 
semantics.  They get ugly when things start getting nested.

More information about the samba mailing list