[Samba] Root cannot delete files through samba share

Amanda Gomes leiturasmais at gmail.com
Mon Nov 12 14:44:49 MST 2012


   We are integrating Samba with Active Directory in the company. The goal
is to provide a samba share to users of AD. In this case, we need all users
to write on the share, but nobody modify or delete any files. Even the user
who owns it.
   With this, we would create only one AD user, if necessary with root
powers, which could erase everything.
   For this, we test several lines, such as the samba permissions, acls,
sticky bit, but nothing met our needs.
   I am now trying to make that an AD user has the same root privileges.
   Working with the following configuration:

         path = / mnt / storage / MEDIA
         browseable = yes
         writable = yes
         create mask = 0555

   After writing the share, no one can erase. But not even the root logging
via samba, can erase. Only the machine itself. Anyone can explain why?

  Another option would be:

         path = / mnt / storage / MEDIA
         browseable = yes
         writable = yes
         group = force "supervisors"
 create mask = 0570

  With this setting, the goal would be that users write in the share and
the files were to become the group supervisors, and only users belonging to
this group be able to erase. But this setup also failed.

  Does anyone know how I could implement this? The why these settings do
not work out?

  Thank you!
  Amanda Gomes.

More information about the samba mailing list