[Samba] Fwd: Add permission? (was How to create awrite-onlyshare?)

Alex Harrington alex at longhill.org.uk
Sat May 24 00:07:42 GMT 2008


Ash

My understanding is that "admin users" should make that user effectively root, and therefore able to access files that aren't owned by them or with no permissions granted.

If you directly access a file you know exists - say open in notepad \\server\append\test.txt as michael, I think it will still allow you access.

One option would be to have a second share called appendadm which only Michael has permission to access which forces either permissions or drops the hide unreadable statement.

eg:
> [appendadm]
>  path = /home/append
>  valid users = michael
>  writeable = yes
>  write list = michael
>  admin users = michael
>  hide unreadable = no
>  create mode = 200
>  directory mode = 770
>  force group = office

If you have security=share set then the admin users line will have no effect - so that may be why you aren't seeing the initial share working properly.

Cheers

Alex

-- 
Alex Harrington - Network Manager
Longhill High School
t: 01273 304086 e: alex at longhill.org.uk



-----Original Message-----
From: Ash Gosh [mailto:gosha.asha at gmail.com]
Sent: Fri 23/05/2008 21:31
To: Alex Harrington
Subject: Re: [Samba] Fwd: Add permission? (was How to create awrite-onlyshare?)
 
Hello!

I'm sorry, I was out unfortunatley, was in hospital without internet :(

This variant works but... But michael becomes unable to read newly
added data because file has been created under <user>.office -w-------
permissions. I'm tried to add setfacl -m default:user:michael:wrx
/home/apeend but new files does not inherit this rule... what to do
here?

AG.



On Thu, May 8, 2008 at 12:16 PM, Alex Harrington <alex at longhill.org.uk> wrote:
>> In this case I still can't add a file from Windows machine into the
> share append...
>> Seems it can't be done with Samba and posix permissions?
>
> Try this:
>
> [root at fs home]# chown -R michael.office append
> [root at fs home]# chmod -R 770 append
>
> smb.conf:
> [append]
>  path = /home/append
>  valid users = +office
>  writeable = yes
>  write list = +office
>  admin users = michael
>  hide unreadable = yes
>  create mode = 200
>  directory mode = 770
>  force group = office
>
> I can't see any reason why that config won't do exactly what you want it
> to.
>
> If it still doesn't work, you need to start narrowing the problem down -
> so logon to the console of the server first as michael. Can you cd in to
> /home/append? If so, can you touch a new file? Repeat the process for a
> different user in the office group. What is the result? As root, what is
> the contents of that folder now? If that all works, the POSIX
> permissions are working fine so it makes it a Samba problem. Visa versa
> then the POSIX permissions are the ones to look at.
>
> Alex
>
> --
> Alex Harrington - Network Manager, Longhill High School
>
> t: 01273 304086 | e: alex at longhill.org.uk
>



More information about the samba mailing list