[Samba] Permissions and security

Mister Olli mister.olli at googlemail.com
Tue May 26 12:26:42 GMT 2009


I have a quite similar setup (maybe a littler bit more complex, since my
users can also save files via SSH) and a problem, that I couldn't
rename/ edit existing office (word/ excel/ ...) documents under windows

My solution was to disable 'nt acl support' by setting:
	nt acl support = no
in the '[global]' section.

Maybe this helps for you, since the problem sounds pretty much the same.

Mr. Olli

On Tue, 2009-05-26 at 11:13 +0200, Dennis Duggen wrote:
> Hi list
> I have trouble setting up the system permissions to be secure. Here my
> basic setup.
> 2 groups: users and staff
> /home/user should have the permissions user:users rwx------
> /mnt/staff should have the permissions user:staff rwxrwx---
> For the last one users should'nt have access.
> I test with fx.: user=staffuser, primarygroup: users, member of group: staff
> If i setup the permissions to the above suggested i can create files but
> can't change them. So it seems i have the right permissions to create
> files but afterwards i don't. The files are created with the right
> permissions, username and group: staffuser:staff.
> So why can't the staffuser who is in the staff group access the files
> after initial creation.
> The only solution i could find was to set permissions to 777. And that
> can't be right.
> My smb.conf: http://pastebin.com/m4a04dfd2
> Thanks in advance.
> Dennis

More information about the samba mailing list