Hello, we have a SLES 10SP2 setup with some collaboration shares distributed with Samba. In order to make sure files and folders on these shares are readable *and* writeable, the shares typically look like this:
[public] path = /home/01_public create mask = 740 directory mask = 750 force create mode = 220 force directory mode = 770 force group = optiker read list = zhang, @optiker write list = @optiker With this, we want to have new or copied files to get -rw-rw---- and new or copied folders to get drwxrwx---. This works OK for the Windows clients but the unixlike clients (Linux and MacOSX) write files with -rwxrw-r--, which is a little different from what we expect. Folders are allright. The file creation works for Linux and Mac boxes, too, when the global option "unix extensions = no" is set. Yet, this leads to some unwanted behavior on the unixoid clients: they can no longer see who created a file, and what the actual permissions really are... So, the question is: how can we make sure that files and folders are created with certain permissions for all client platforms, and without disabling unix extensions? Also, it does not help to use ACLs on the share parent folders since the file permissions are the same as above, then... Any help is deeply appreciated! What follows is the global section of the smb.conf, just in case. [global] add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$ domain logons = Yes domain master = Yes hide dot files = yes hide special files = yes hosts allow = 127.0.0.1 192.168.173.0/24 132.230.0.0/16 hosts deny = 0.0.0.0/0 idmap backend = ldap:ldap://127.0.0.1 ldap admin dn = cn=moadmin,dc=micro-optics,dc=uni ldap delete dn = No ldap group suffix = ou=gruppen ldap idmap suffix = ou=Idmap ldap machine suffix = ou=Machines ldap passwd sync = Yes ldap replication sleep = 1000 ldap ssl = Start_tls ldap suffix = dc=micro-optics,dc=uni ldap timeout = 5 ldap user suffix = ou=nutzer local master = Yes log level = 3 logon drive = L: logon path = \\%L\%U\_msprofile logon script = logon.bat netbios name = rioja os level = 65 passdb backend = ldapsam:ldap://127.0.0.1 preferred master = Yes security = user # unix extensions = no wins support = Yes workgroup = micro-optics [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon write list = root browsable = no -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba