On Thu, 23 Oct 2003, Matt Beglinger wrote: > Hello, > > I'm setting a PDC/fileserver for my company. All the files are being > hosted on the Samba PDC server. We have a single company directory that > everyone in the company has full access to. Inside the shared company > directory is a directory (among many others) that I would only like > certain users to be able to view. I know this is possible but here's the > problem: > > As far as I know, for everyone to share files happily I had to set the > "force create mask" option to 0777. Without this option set whenever an > employee would save a Word document and another employee were to load > that document it would load as "read only". If I manually changed the > permission to 777 for that file and that same employee were to reopen > the file, it would open just fine without "read only" status. That's > where I got the idea of forcing permissions to 777. > > So maybe I'm going about this all the wrong way, but to recap: > > We have a company directory that we want all employees to be able to > view/edit/change whatever. But there is a directory within this shared > directory that we would only like a certain list of people to have > access to. But I've found it necessary to "force create mask" of 777 > because of the "read only" problem. > > Anyone have a idea. I'm stumped and haven't had any success yet.
Have you tried setting the user and group ownership of hte directory to what you want, and then setting SUID/SGID on the dierectory? This way all files in the directory get written with the ownership of the directory. You can then have sub-directories that have differing user and group ownership providing the exact effect you want. Samba is share settings are a poor substitute for what is easily done in the OS. If you need further info check out the Samba-HOWTO.Collection.pdf for Samba-3. It's available from the Samba Web site. You need to check the chapter titled "File, Directory and Share Access Controls". Cheers, John T. -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba