[Samba] Samba 3.2.8 and the sticky Bit

Andreas Büsching buesching at univention.de
Wed Jul 15 00:49:43 MDT 2009


I've just tested a share configuration like the following and it did not work 
as I've expected it. Maybe someone can explain me what I'm doing wrong.

path = /marktplatz
msdfs root = no
writeable = yes
browseable = yes
public = no
dos filemode = no
hide unreadable = no
create mode = 0644
directory mode = 1777
force create mode = 0644
force directory mode = 1777
security mask = 0777
directory security mask = 0777
force security mode = 0
force directory security mode = 0
locking = 1
blocking locks = 1
strict locking = 0
oplocks = 1
level2 oplocks = 1
fake oplocks = 0
csc policy = manual
nt acl support = 1
inherit acls = 0
inherit owner = no
inherit permissions = no
admin users = @admins

After creating the share I've set the sticky bit on the diretory /marktplatz. 
The expected result is, that everyone can create files, but just the owner of 
a file can delete it. This works as long as no user creates her own 
subdirectory. In that case the owner of the subdirectory can also delete 
files that does not belong to her. E.g.:

drwxrwxrwt   7 root     Guests         77 Jul 13 15:26 /marktplatz
drwxrwxrwt   2 b     Users       38 Jul 15 08:03 /marktplatz/alexandra
-rw-r--r--   1 b Users        0 Jul 15 07:08 /marktplatz/alexandra/b.txt
-rw-r--r--   1 a Users        0 Jul 15 08:03 /marktplatz/alexandra/a.txt

In this case user b can delete file a.txt while user a can not delete b.txt. 
If I change the owner of the directory /marktplatz/alexandra to root, user a 
und b can just delete their own file.

If I access the directory via linux the owner of the directory is not 
important, the sticky bit works as expect.

Does anyone have an idea?

best regards

Andreas Büsching
Open Source Software Engineer

Univention GmbH
Linux for your business
28359 Bremen
Tel. : +49 421 22232-0
Fax : +49 421 22232-99

<buesching at univention.de>

Geschäftsführer: Peter H. Ganten
HRB 20755 Amtsgericht Bremen
Steuer-Nr.: 71-597-02876
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.samba.org/pipermail/samba/attachments/20090715/3f456410/attachment.pgp>

More information about the samba mailing list