[Samba] Permisson issue - unix permissions ignored

TAKAHASHI Motonobu monyo at monyo.com
Tue Oct 25 09:58:12 MDT 2011

From: "Zabel, Daniel" <Daniel.Zabel at coremedia.com>
Date: Tue, 25 Oct 2011 11:44:01 +0200

> I have a share "dev". This share should be readable by all domain users.
> Beneath this share, there is a folder "source " which should only
> accessibly by developers.
> This folder has unix permissions set to 770 (recursive) , owner is user
> "build" and group is "develop".

> Share setup is:
> [dev]


>         valid users = @MYDOMAIN\domain-users
>         force group = @MYDOMAIN\develop


> If I connect to this share by a user that is member in "domain-user" and
> NOT in "develop" I can read all files - also all files beneath "source".

> Why did samba ignores the unix file permissions on folder "source" ?

You specify "force group" line, which means that the primary group for
every user accessing to the share is changed to "develop".

Thus they can access to the "source".

> Trying the same on a unix console with the user gives a "Permissions
> denied"  like expected.

Of cource "force group" parameter is applied only to connections via

TAKAHASHI Motonobu <monyo at samba.gr.jp>

More information about the samba mailing list