Say I have a protected directory called Corp that only members of the unix group Corp can access and its mostly working with:
read list = @corp
write list = @corp
create mask = 0770
Problem is, when a user creates a file there, its setting the user and group ownership to them, e.g. when user1 creates foo1, it has the permissions 770 for user1:user1 and user2 can't access or edit the file.
Is there a way to make it user1:corp from samba settings or should I change the create mask to 0777 (which I've enabled temporarily after doing a chgrp -R corp on the shared directory)?
Users have SSH access to the server so the folder /svr/corp itself needs to be restricted, right now its set to 770.
-
You can use the
force groupdirective in your share definition to force that a particular group be used for all files on that share.wag2639 : unless i'm using it wrong, i thought it gives access to users who aren't even in the group access to it, cause it treats any samba client as part of that groupZoredache : Prepend the group name with a '+' and it will only apply users who are actually in the group. See the man page for details.From Zoredache -
Set the setgid permission on the directory so that objects created there are created with the group ID of the directory set.
chmod 2770 /svr/corpAny objects created within the directory will then be created with the gid of the /srv/corp directory.
From DaveG
0 comments:
Post a Comment