[Samba] Standalone Samba and group permission
Erik van Linstee
erik at vanlinsteeict.nl
Mon Sep 6 12:46:58 MDT 2010
Hi,
I have been experimenting and googling without finding so much as a hint to what I am doing wrong.
I have a Samba server (Ubuntu 10.04) set up for standalone usage.
I have Posix ACL's enabled on my filesystem, and a directory with the following permissions:
# file: beheer/
# owner: beheerder
# group: users
user::rwx
user:clamav:r-x
user:beheerder:rwx
group::---
group:users:---
mask::rwx
other::---
default:user::rwx
default:user:clamav:r-x
default:user:beheerder:rwx
default:group::---
default:mask::rwx
default:other::---
The intention is that only the owner can use this directory and no one else, not even group members. The ACL confirms that group members have no access, I have even explicitly named the owner group with no rights. Others have no rights either.
Yet, everyone who is a member of the group users can change to this directory and create files in it. It does not matter if they connect with a Windows machine or a Linux one.
Once I change the group owner to some group the other users are not a member of, their access is denied as expected, but when I make them a member of that group, they regain access, even though group owner access is still set to ---.
I must be overlooking something, but what?
Hope anyone can help.
regards,
Erik
---
ir. E.J.P. (Erik) van Linstee
Van Linstee ICT
More information about the samba
mailing list