[Samba] write only permissions

Steve Rippl rippls at woodlandschools.org
Mon Sep 15 20:57:55 GMT 2008


Hi,

We've just put in a Samba fileserver to replace our windows box for our
School District and it seems to be working great.  I have a question
about defining some specific permissions though.  We set up 'Drop boxes'
for teachers that kids can drag files into, but they don't have read
permission so they can't read each others submitted work.  Here's what
is looks like on the fileserver

 root at wsdfile:/srv/materials/WHS/VanCleek# getfacl Drop_Box/
# file: Drop_Box
# owner: admin
# group: domain\040admins
user::rwx
user:vancleek:rwx
group::rwx
group:whs\040student:-wx
mask::rwx
other::---
default:user::rwx
default:user:vancleek:rwx
default:group::rwx
default:group:whs\040student:-wx
default:mask::rwx
default:other::---

and the view through windows security tab shows Traverse folder/Create
Files/Write Attributes/Write Extended Attributes/Read permissions.
Needless to say this doesn't seem to work!  The student account (in the
right group) is not allowed to drop a file into that folder.  If I add
g:wsd\\whs\ Student:rwx then the student can do anything sucessfully,
with -wx nothing?!!

Can anyone help?

Many thanks,

Steve Rippl
Technology Director
Woodland School District


More information about the samba mailing list