Re: [Samba] Inherit permissions question (Please help)

Thu, 27 Jan 2005 00:41:40 -0800 

Hi Thomas,

Thank you for your reply and for the information and ideas.

I think your option would work ok, but as you said a bit hairy with a lot of users. :) We have about 700 users that we are running off this Samba box so it would be a bit of a mission to keep maintained.

Mmmmm... I wonder what else I could try ?
Perhaps it would easier if I configure ACL support and just set the permissions manually each time a new file is copied to the users' areas by a Domain Admin ?


Kindest regards
David Wilson
_______________________________
D c D a t a
Tel +27 33 342 7003
Fax +27 33 345 4155
Cell +27 82 4147413
http://www.dcdata.co.za
[EMAIL PROTECTED]
Powered by Linux, driven by passion !
_______________________________

"Computers are not intelligent. They only think they are."

----- Original Message ----- From: "Thomas Reiss" <[EMAIL PROTECTED]>
To: "David Wilson" <[EMAIL PROTECTED]>
Sent: Wednesday, January 26, 2005 7:42 PM
Subject: Re: [Samba] Inherit permissions question (Please help)


Hallo David Wilson,

Hi Thomas,

Thank you for your reply and the information.
Will the "s"-Bit cause all new files that are written by a "Domain Admin"
to the user1/ folder to be owned by "user1" ?


No, cause only that the Group was always "Domain Admin".


My problem is that "Domain Admins" can write to users' folders in the
[userprofile] share but then the respective user who owns the folder can't
access the new data in it.
The "inherit permisions" would solve my problem except that it does not
allow user/group ownership to be passed down onto files.
Any ideas ? :) 

hmm, can you set the "s"-Bit on the UID with chmod u+s user1/ ?
Ok it make a test....hmm seems not funktional.

I see in the Section of "inherit permissions" in "man smb.conf":
------------------------
Note that the setuid bit is never set via inheritance (the  code
              explicitly prohibits this)
-----------------------

Hmmm...i think the only way is to make a group "user1" and add the
respective "Admin"-User to this Group and set the Permission to 770 and
the Group to "user1-Group" of user1/ Folder.
Additional add the "s"-bit to the Group and set "inherit permissions =
yes" in smb.conf.

But, this would be hairy on 2000 Users....

Greetings
Thomas



--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Reply via email to