[Samba] Some questions about sharing and permission.

Jason Long hack3rcon at yahoo.com
Thu May 20 12:09:40 UTC 2021 

Hi,
Thank you.
How about my below question?

1- In "Configuring User and Group-based Share Access" section, the "valid users" and "invalid users" options can be used instead of "setfacl" command?

2- If my Samba DC is on a server, but the directory that I wanted to share and set permissions to it is on another server, then on another server how can I read the users and groups that existed in the Samba DC?







On Monday, May 17, 2021, 12:53:11 PM GMT+4:30, L.P.H. van Belle via samba <samba at lists.samba.org> wrote: 





Hai, 

In general, i would say. 

Dont use  > > # chmod 0770 share/  on a share there more people work in. 
Your files get "owned" by user and you want it by group .. 

I would use here 
https://chmodcommand.com/chmod-2770/
Or 
https://chmodcommand.com/chmod-3770/

For the base setting, check what fits you best. 

Test this, make 2 folders 
Give one 2770 and one 3770 

Now goto windows, lookup these folder rights from within windows,
see the difference. ;-) And yes, acl_xattr:ignore system acl = yes 
as Rowland suggested should also work, this depends bit on how you use you system.. 


Greetz, 

Louis


> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens 
> Rowland penny via samba
> Verzonden: vrijdag 14 mei 2021 14:46
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] Some questions about sharing and permission.
> 
> On 14/05/2021 13:27, Jason Long via samba wrote:
> > Hello,
> > According to 
> "https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Win
> dows_ACLs#Adding_a_Share" tutorial, I added a directory and 
> set a permission for it as below:
> >
> > # mkdir -p /home/share/
> > # chown root:"login2" share/
> > # chmod 0770 share/
> > # chcon -t samba_share_t /home/share/
> >
> > Then, added below lines into "/usr/local/samba/etc/smb.conf" file:
> >
> > [Share]
> > path = /home/share
> > writable = yes
> > browsable = yes
> > acl_xattr:ignore system acl = yes
> 
> 
> Can I ask, if you are following the wikipage, why did you use 
> 'writable 
> = yes' instead of the 'read only = no' as shown on the page ?
> 
> Not that it makes any difference, they both mean the same ????
> 
> > The members of "login2" groups can read and write "share" 
> directory, but other can't. If I want other groups or users 
> have read permission, but not write permission, then what should I do?
> 
> 
> Start a Windows client, navigate to the share and set the required 
> permissions from there.
> 
> Rowland
> 
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

> 
> 


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list