[Samba] requesting help setting share permissions
Mike Eggleston
mikeegg1 at mac.com
Thu May 10 11:47:47 MDT 2012
On Thu, 10 May 2012, Dale Schroeder might have said:
> On 05/10/2012 11:21 AM, Mike Eggleston wrote:
> >Hi,
> >
> >I have a share I'm trying to lock down to a specific group and I'm not
> >hold my mouth right. I want this share available to a single group. I
> >want this share to have directory permissions 0770 when a directory is
> >created and file permissions 0660. I want the users accessing this share
> >to never be able to change these permissions. When a file or directory
> >is created, I want the group to be the controlling group and nothing else.
> >
> >I currently have:
> >
> >[sales]
> > comment = Sales files
> > path = /opt/group/sales
> > valid users = @GRP\sales
> > force group = sales
> > read only = No
> > create mask = 0660
> > force create mode = 0660
> > security mask = 0660
> > directory mask = 0770
> > force directory mode = 0770
> > directory security mask = 0770
> > msdfs root = Yes
> >
> >
> >What am I doing wrong? I'm testing by copying a file in windows over to
> >this share, then checking the resulting permissions in unix.
> >
> >Mike
> >
> >Fedora Core 5
> >Samba 3.3.3
>
> Mike,
>
> You never mentioned what your results were or how they were wrong,
> so I'm making a few assumptions.
>
> chown your_user : your_group /opt/group/sales
> chmod 2770 /opt/group/sales
>
> In your share, modify 1st two and add the 3rd directive:
>
> directory mask = 2770
> force directory mode = 2770
> nt acl support = No # makes the Security tab inaccessible in Windows.
>
> This is my best guess of what you want. See if this works for you.
> If not, please clarify.
>
> Good luck.
>
> Dale
Dale,
Duh!
When a file is placed in the share above the permissions come out 0666
and the group is not set to "sales". I want the permissions to be 0660
and the group to be "sales". That would be a good start.
I'll try your suggestion. Thanks.
Mike
More information about the samba
mailing list