[Samba] Permission masks
Rowland Penny
rowlandpenny at googlemail.com
Tue Feb 24 13:35:12 MST 2015
On 24/02/15 20:23, John wrote:
> I apologise for asking a basic question but I haven't been able to
> determine a sensible answer.
>
> I am using 4.1.17 as AD-DC. All configured and working with user home
> directories via [homes] and some other specific shares.
>
> Windows 7 client jointed to domain, users can log in and create files in
> their home directory.
>
> However the system permissions on those files are not what I expect and
> I am trying to understand why.
>
> My [homes] sets "create mask" and "directory mask" to 0700 but
> everything created has "0770".
>
> I have another share with a create mask of 0755. Files in there get 0775.
>
> I have checked with testparm that there is nothing configured to set to
> 0770 anywhere. it's like there is a "force create mode" but there isn't:
>
> $ testparm -v | grep -e 'force.*mode'
> force create mode = 00
> force directory mode = 00
>
> What am I missing? What could be overriding my permissions ?
>
> Thanks for any advice,
> John
>
>
For one thing you are missing the fact that [homes] doesn't work with a
samba4 DC, you should also be using ACLs instead of 'force mode' etc.
Try browsing the wiki: https://wiki.samba.org/index.php/Main_Page
For your home share see:
https://wiki.samba.org/index.php/Setting_up_a_home_share
For ACLs see:
https://wiki.samba.org/index.php/Setup_and_configure_file_shares_with_Windows_ACLs#Change_permissions_on_folders_of_a_share
Rowland
More information about the samba
mailing list