[Samba] "Create-only" Samba share

Loonix Tarballs loonix.tarballs at gmail.com
Mon Jul 10 03:56:53 UTC 2017


I'm sharing a ZFS (ZoL) directory through Samba. Right now I have it set 
up so my user has full RWX access to everything, but for security 
reasons I'd like to only allow myself to copy and read files and create 
and list directories, but make it so once something is created I can't 
modify it in any way other than by logging in through SSH.
I've looked at several threads in various places, but I've not seen a 
definite answer on how to do this, beyond some hinting at it involving 
ACLs in some unspecified way. My understanding is that ZoL doesn't 
support Linux ACLs, so I'm wondering if it might be easier to just make 
a modification to smbd. After all, all I'd need to do is check if a flag 
for the share is set when the user attempts certain actions (e.g. 
delete, rename, etc.), right? I'm thinking something like

path = /mnt/foo
valid users = foo
available = yes
browseable = yes
writable = yes
read only = no
create only = yes   ; <==

Any opinions?


More information about the samba mailing list