[Samba] Shared directory contained within another shared directory

Rod securitybasics at gmail.com
Thu Mar 17 12:18:40 MDT 2011 

Thanks, everyone. I think I'll just move that particular folder and
set up the share.

On Thu, Mar 17, 2011 at 11:39 AM, Daniel Müller <mueller at tropenklinik.de> wrote:
> IN [global]
> This could be:
> follow symlinks = yes
>  wide links = yes
>
> in the other groups share make:  ln –s /shared/depts/hr/hrshared
> /where/the/link/isset
> I think the link is then read only or what you set the permission
>
>
> EDV Daniel Müller
>
> Leitung EDV
> Tropenklinik Paul-Lechler-Krankenhaus
> Paul-Lechler-Str. 24
> 72076 Tübingen
> Tel.: 07071/206-463, Fax: 07071/206-499
> eMail: mueller at tropenklinik.de
> Internet: www.tropenklinik.de
>
> Von: Santiago Diez [mailto:chebarbudo at gmail.com]
> Gesendet: Donnerstag, 17. März 2011 16:02
> An: mueller at tropenklinik.de
> Cc: Rod; samba at lists.samba.org
> Betreff: Re: [Samba] Shared directory contained within another shared
> directory
>
> In my case, the idea was that one departement already had a folder that they
> were used to and that they wanted to share with the rest.
> So instead of moving all the files, it looked simplier to just take this
> very folder (it was a little deeper) and share it somewhere else.
>
> Santiago
>
> On Thu, Mar 17, 2011 at 3:52 PM, Daniel Müller <mueller at tropenklinik.de>
> wrote:
> Hello,
>
> why subdirectory!? Just make two simple shares for each group.
> Bind them together with dfs
> Ex-tree: +human-resources
>         |
>         +--hr
>         |
>         +--hr_readonly
>
> [global]
> Host msdfs=yes
>
> [human-resources]
> path = /shared/depts/dfsroot
> msdfs root = yes
>
> [hr]
>        comment = Human Resources
>        valid users = "@DOMAIN+Personnel"
>        path = /shared/depts/hr
>        guest ok = no
>        read only = no
>        create mask = 6770
>        force create mode = 6770
>        directory  mask = 6770
>        force directory mode = 6770
>
> [shared_hr]
>        comment = Human Resources Shared information with supervisors
>        valid users = @DOMAIN+Personnel @"DOMAIN+Domain Admins"
> @"DOMAIN+hr_readonly"
>        path = /shared/depts/hrshared
>        guest ok = no
>        writable = yes
>        read list = @"DOMAIN+hr_readonly"
>        create mask = 6770
>        force create mode = 6770
>        directory  mask = 6770
>        force directory mode = 6770
>
> In /shared/depts/dfsroot as root
>
> Ln -s msdfs:yourserver\\hr hr
> Ln -s msdfs;yourserver\\shared_hr shared_hr
>
>
> -----------------------------------------------
> EDV Daniel Müller
>
> Leitung EDV
> Tropenklinik Paul-Lechler-Krankenhaus
> Paul-Lechler-Str. 24
> 72076 Tübingen
>
> Tel.: 07071/206-463, Fax: 07071/206-499
> eMail: mueller at tropenklinik.de
> Internet: www.tropenklinik.de
> -----------------------------------------------
> -----Ursprüngliche Nachricht-----
> Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im
> Auftrag von Rod
> Gesendet: Donnerstag, 17. März 2011 15:26
> An: samba at lists.samba.org
> Betreff: [Samba] Shared directory contained within another shared directory
>
> Hello,
>
> I have Samba server running version 3.0.33-3.29.el5_5.1. The Samba
> server is a member server of a Windows 2003 domain. Winbind provides
> authentication.
>
> We have a physical directory named hr that is shared as "hr" and is
> accessible to the HR department. A subdirectory of the hr directory
> named hrshared is shared as "hrshared" and should be accessible to
> specific users that are not part of the HR department. File system
> permissions for the hr directory are set for the domain admin as owner
> and the HR department security group (in AD) as the group.  The file
> system permissions for the hrshared subdirectory are set for domain
> admin as owner and the security group that has the people that need
> access to the hrshared share. With permissions set as they are, users
> who are not part of the HR group are unable to access the hrshared
> folder. I'm assuming this is because the hrshared subdirectory is
> inheriting permissions from the parent hr directory.
> Here's the share specifications in smb.conf
>
> [hr]
>        comment = Human Resources
>        valid users = "@DOMAIN+Personnel"
>        path = /shared/depts/hr
>        guest ok = no
>        read only = no
>        create mask = 6770
>        force create mode = 6770
>        directory  mask = 6770
>        force directory mode = 6770
>
> [shared_hr]
>        comment = Human Resources Shared information with supervisors
>        valid users = @DOMAIN+Personnel @"DOMAIN+Domain Admins"
> @"DOMAIN+hr_readonly"
>        path = /shared/depts/hr/hrshared
>        guest ok = no
>        writable = yes
>        read list = @"DOMAIN+hr_readonly"
>        create mask = 6770
>        force create mode = 6770
>        directory  mask = 6770
>        force directory mode = 6770
>
>
>
> Is there a way to properly share a subdirectory that has different
> permissions than the parent directory?
>
> Any help is appreciated. Thanks.
>
> Rod
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>
>
>
> --
> ____________________________________________________________________________
> _______
> TEL +33637908198 - MSN santiago.diez at free.fr - SKYPE chebarbudo - YAHOO MSG
> santiago_diez
>
>

More information about the samba mailing list