[Samba] select read/write access by user or group?

Dale Schroeder dale at BriannasSaladDressing.com
Thu May 13 14:15:34 MDT 2010

On 05/12/2010 3:48 PM, William P.N. Smith wrote:
> This should be simple, but I've been pounding my head against it for 
> several hours, and I'm not getting the result I want.
> I'd like to be able to select shares, whether they are the root of a 
> drive or /home/username and designate who can read and who can 
> read/write.
> Does Samba have it's own groups to go with it's own users?
Any defined group can be controlled via Samba.
> I really can only use "security = user" in this case...
> I'd like to do something like give the root user read/write access to 
> the root of the drive, give user roy read-only access to the root of 
> the drive, and give user willie read/write access to /home/pictures, 
> is there a way to do that with Samba or is that a Linux/groups/acl 
> kind of thing?
Usually a combination of the two.
> It seems if I have a share that someone can read, anyone can read it, 
> is that right?
That depends on posix permissions, posix acl's, and the parameters in 
your Samba share definition.
> There are some hints in the default smb.conf like:
> # A publicly accessible directory, but read only, except for people in
> # the "staff" group
> ;    [public]
> ;    comment = Public Stuff
> ;    path = /home/samba
> ;    public = yes
> ;    writable = yes
> ;    printable = no
> ;    write list = +staff
> but +staff isn't documented anywhere (user or @group is, but not 
> +staff), and adding creating a Linux group called staff and adding 
> users to it doesn't help.
"+" in front of a group defines that group as being local.
> Thanks in advance for any hints!
Redefine what it is you're trying to achieve by giving us an example 
share and path, along with the users and groups that are to have access 
to that share,
and whether the access is to be read-only or read-write for each user/group.


More information about the samba mailing list