[Samba] Permissions Issue - Samba

This is a discussion on [Samba] Permissions Issue - Samba ; Hello group, this issue is driving me crazy, there just has to be a simple way to do this that I am missing! I have a share, SOP. The file system maps to /dir/dir/sop. If I have a set of ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: [Samba] Permissions Issue

  1. [Samba] Permissions Issue

    Hello group, this issue is driving me crazy, there just has to be a
    simple way to do this that I am missing! I have a share, SOP. The file
    system maps to /dir/dir/sop. If I have a set of users that need write
    access to this directory, but only want to allow another set of users
    read only access, how can I accomplish this? From the man pages, it
    looks like I can set the share to read only, and use the directive
    write list = @groupname to allow certain users write access to this read
    only share, but, I don't want to allow everyone read access, I want to
    only allow certain other users (that I can put in a group) read only
    access. Any ideas?

    Sincerely,

    Doug

    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba


  2. Re: [Samba] Permissions Issue

    Doug Tucker wrote:
    > Hello group, this issue is driving me crazy, there just has to be a
    > simple way to do this that I am missing! I have a share, SOP. The file
    > system maps to /dir/dir/sop. If I have a set of users that need write
    > access to this directory, but only want to allow another set of users
    > read only access, how can I accomplish this? From the man pages, it
    > looks like I can set the share to read only, and use the directive
    > write list = @groupname to allow certain users write access to this read
    > only share, but, I don't want to allow everyone read access, I want to
    > only allow certain other users (that I can put in a group) read only
    > access. Any ideas?
    >
    > Sincerely,
    >
    > Doug
    >
    >

    Yeah, like almost all permissions things, do this one at the file system
    level. Create a group 'writeGroup'; make perms like such:
    root:writeGroup 2664 /dir/dir/sop

    The setGid will ensure that all files written to sop are part of the
    write group, the owner has full control and writeGroup will have write
    perms, everyone else is read only. Also, you might want to set the
    sticky bit so only the owner can delete a file they created. That's how
    I'd do it, at least. I always do permissions at the lowest layer
    possible so I can easily change shares without worrying about share
    semantics. They get ugly when things start getting nested.
    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba


  3. Re: [Samba] Permissions Issue

    On Tue, Jun 24, 2008 at 11:55 AM, Doug Tucker wrote:
    > Hello group, this issue is driving me crazy, there just has to be a
    > simple way to do this that I am missing! I have a share, SOP. The file
    > system maps to /dir/dir/sop. If I have a set of users that need write
    > access to this directory, but only want to allow another set of users
    > read only access, how can I accomplish this? From the man pages, it
    > looks like I can set the share to read only, and use the directive
    > write list = @groupname to allow certain users write access to this read
    > only share, but, I don't want to allow everyone read access, I want to
    > only allow certain other users (that I can put in a group) read only
    > access. Any ideas?
    >

    Why not use the linux filesystem acls and set the users and groups
    that have permissions with that?

    John
    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba


  4. RE: [Samba] Permissions Issue

    Doug Tucker wrote:
    > From the man
    > pages, it looks like I can set the share to read only, and use the
    > directive write list = @groupname to allow certain users write access
    > to this read only share, but, I don't want to allow everyone read
    > access, I want to only allow certain other users (that I can put in a
    > group) read only access. Any ideas?


    valid users = @groupthatcanread,@groupthatcanwrite
    read only = yes
    write list = @groupthatcanwrite

    As other posters have mentioned, it's good practice to enforce this at
    the filesystem level too.

    Cheers

    Alex
    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba


+ Reply to Thread