[Samba] how to define new folders ACL
Sébastien Le Ray
sebastien at orniz.org
Wed Sep 24 03:56:49 MDT 2014
Hi,
Or you can just check the "Inherit ACLs" in windows security tab…
Regards
Le 24/09/2014 11:43, Lorenzo Faleschini a écrit :
> i reply to myself for future reference
>
> I logged in as root on the member server and set recursively the ACL
> defaults with setfacl (so the newly created folders came with this mask)
>
> Default Owner (Read Write Execute):
> default:u:administrator:rwx
> Default Group (Read Write Execute):
> default:g:'domain users':rwx
>
> then forced the ownership and group of the actual directories
> Set Owner (Read Write Execute)
> u:administrator:rwx
> Set Group (Read Write Execute)
> g:'domain users':rwx
>
> in one command:
>
> setfacl -R -m default:g:'domain users':rwx,g:'domain
> users':rwx,default:u:administrator:rwx,u:administrator:rwx
> /PATH/TO/SHARES/
>
>
>
>
> Lorenzo Faleschini
> IT Manager @ Nord Est Systems srl
> ----------------------------------------
> m: +39 335 6055225 | skype: falegalizeit
>
> Il 23/09/2014 12:53, Lorenzo Faleschini ha scritto:
>> Hi folks,
>>
>> I've a working samba 4.1 DC + a 4.1 member server, winbind and UID
>> GID working
>> I have all the shares on member server, and the UNIX permissions are
>> set to 770 Administrator:DomainUsers. To rule other permissions I
>> generally use the Security TAB ACLs.
>>
>> my problem is:
>> when a user create a new subfolder only he can access to it (and no
>> other from DomainUsers), unless I change the ACL manually.
>> is there an option to set somewhere to mantain parent folder's ACLs?
>>
>> thanks
>>
>>
>> --
>>
>> Lorenzo Faleschini
>> IT Manager @ Nord Est Systems srl
>> ----------------------------------------
>> m: +39 335 6055225 | skype: falegalizeit
>
More information about the samba
mailing list