On Wed, May 19, 2010 at 04:41:01PM +0200, Krigler Pavol wrote: > Hello, > > I have noticed some ALC issues with files and directories. I use samba > server 3.0.33 on CentOS 4.8 joined to Windows 2003 domain. Everything > works fine, all users are authenticated to domain controller. My aim is > to give FULL ACCESS (open/read/write/rename/delete..) to directory > "testdir" to two users, john and mark without using groups because I > have no permissions on domain controller (only add server to domain). > Permissions of "testdir": > > getfacl testdir > # file: testdir > # owner: techadmin > # group: root > user::rwx > user:john:rwx > user:mark:rwx > group::rwx > mask::rwx > other::--- > default:user::rwx > default:user:john:rwx > default:user:mark:rwx > default:mask::rwx > default:other::--- > > The problem is that users john and mark have rwx permissions, they are > able to create file, modify but _not_ delete neither rename the file > under "testdir". Only owner of the directory "testdir" - user techadmin > is able to delete/rename files under directory. As far as I know, only > owner of the up level directory can delete or rename file(s). The > question is: how is possible to allow both users to delete/modify files > under "testdir" directory without using (domain) groups ? > Filesystem ext3 is mounted with ACL options, SELinux enabled, audit.log > has not deny entries, and the configuration of samba is following:
I think you also want "dos filemode = yes" and also possibly "acl group control = yes". Jeremy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
