What does the [global] config look like?
On 11/14/2012 8:55 AM, Amanda Gomes wrote:
David, thanks again.
As previously mentioned, I can not allow the file owner erase what
he created in the folder, so I apply the "create mask = 0555" in the
first option.
Dale, thanks for the response.
I tried to use this option you suggested - "admin users", but even
so, I can not do that only users in the group that I want to be able
to delete the files. I can not understand whether it is a samba
problem, but the root can delete through samba, only when the file
owner has full permission on it. Configuration is not valid for my
environment.
Below, I'll put the full configuration of my environment:
Settings on the Shared Folder:
/ mnt / storage / MEDIA
-> Chmod 777 / mnt / storage / MEDIA /
-> Chown Master_User "supervisors" / mnt / storage / MEDIA /
SAMBA settings:
[MEDIA]
path = / mnt / storage / MEDIA
browseable = yes
writable = yes
group = force "supervisors"
admin users = Master_User, @ supervisors
create mask = 0575
force create mode = 0575
When a file is created by the user "user1", this is with the
following settings within the folder:
-r-xrwxr-x 1 user1 supervisors 0 Nov 14 12:36 File.txt
OK ... Only the group has full permissions on the file! That is,
theoretically also master_User (master_user belongs to supervisors).
But neither master_user or root can delete trhough samba.
I know someone explain why neither the root can not delete trhough
samba independent of any configuration?
Guys, thank you once again for your help.
Hugs.
2012/11/13 Dale Schroeder <[email protected]
<mailto:[email protected]>>
Amanda,
You can elevate a user's privileges by using the "admin users"
parameter, e.g., "admin users = user1, @group2"
Also, I believe the syntax in your second option should be ==>
"force group = supervisors" if you wish to go that route.
Dale
On 11/12/2012 3:44 PM, Amanda Gomes wrote:
Dear,
We are integrating Samba with Active Directory in the
company. The goal
is to provide a samba share to users of AD. In this case, we
need all users
to write on the share, but nobody modify or delete any files.
Even the user
who owns it.
With this, we would create only one AD user, if necessary
with root
powers, which could erase everything.
For this, we test several lines, such as the samba
permissions, acls,
sticky bit, but nothing met our needs.
I am now trying to make that an AD user has the same root
privileges.
Working with the following configuration:
[MEDIA]
path = / mnt / storage / MEDIA
browseable = yes
writable = yes
create mask = 0555
After writing the share, no one can erase. But not even
the root logging
via samba, can erase. Only the machine itself. Anyone can
explain why?
Another option would be:
[MEDIA]
path = / mnt / storage / MEDIA
browseable = yes
writable = yes
group = force "supervisors"
create mask = 0570
With this setting, the goal would be that users write in
the share and
the files were to become the group supervisors, and only users
belonging to
this group be able to erase. But this setup also failed.
Does anyone know how I could implement this? The why these
settings do
not work out?
Thank you!
Amanda Gomes.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
