[Samba] Permissions and security

Mister Olli mister.olli at googlemail.com
Tue May 26 12:26:42 GMT 2009


Hi,

I have a quite similar setup (maybe a littler bit more complex, since my
users can also save files via SSH) and a problem, that I couldn't
rename/ edit existing office (word/ excel/ ...) documents under windows
XP.

My solution was to disable 'nt acl support' by setting:
	nt acl support = no
in the '[global]' section.

Maybe this helps for you, since the problem sounds pretty much the same.

Regards
---
Mr. Olli

On Tue, 2009-05-26 at 11:13 +0200, Dennis Duggen wrote:
> Hi list
> 
> I have trouble setting up the system permissions to be secure. Here my
> basic setup.
> 
> 2 groups: users and staff
> 
> /home/user should have the permissions user:users rwx------
> /mnt/staff should have the permissions user:staff rwxrwx---
> For the last one users should'nt have access.
> 
> I test with fx.: user=staffuser, primarygroup: users, member of group: staff
> 
> If i setup the permissions to the above suggested i can create files but
> can't change them. So it seems i have the right permissions to create
> files but afterwards i don't. The files are created with the right
> permissions, username and group: staffuser:staff.
> So why can't the staffuser who is in the staff group access the files
> after initial creation.
> 
> The only solution i could find was to set permissions to 777. And that
> can't be right.
> 
> My smb.conf: http://pastebin.com/m4a04dfd2
> 
> Thanks in advance.
> 
> Dennis



More information about the samba mailing list