Doug Tucker wrote:
Hello group, this issue is driving me crazy, there just has to be a
simple way to do this that I am missing! I have a share, SOP. The file
system maps to /dir/dir/sop. If I have a set of users that need write
access to this directory, but only want to allow another set of users
read only access, how can I accomplish this? From the man pages, it
looks like I can set the share to read only, and use the directive
write list = @groupname to allow certain users write access to this read
only share, but, I don't want to allow everyone read access, I want to
only allow certain other users (that I can put in a group) read only
access. Any ideas?
Sincerely,
Doug
Yeah, like almost all permissions things, do this one at the file system
level. Create a group 'writeGroup'; make perms like such:
root:writeGroup 2664 /dir/dir/sop
The setGid will ensure that all files written to sop are part of the
write group, the owner has full control and writeGroup will have write
perms, everyone else is read only. Also, you might want to set the
sticky bit so only the owner can delete a file they created. That's how
I'd do it, at least. I always do permissions at the lowest layer
possible so I can easily change shares without worrying about share
semantics. They get ugly when things start getting nested.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
