I thought I had this sorted, However there is still a problem - Force
group greated the file with the group I required but also gave everyone
logging onto the share group access rights. If I take away the force group
then the group is set to the user primary group. and the teachers group
can't read the file. what I require is for the group to be set to
teachers on file creation with no other implications. (if i use force
group +teachers then the force only occurs if the logon user is a member
of teachers , no use either)
Ian
Thanks Steve
I had clearly misunderstood the scope of force user. ( actually, it was
force group ) but the principle is still the same.
Tha ctual solution was to remove the line force group = teachers the
rights then followed as expected.
Ian
Ian,
You appear to be incorrectly using the force user parameter.
From the smb.conf documentation:
force user (S)
This specifies a UNIX user name that will be assigned as the default
user for all users connecting to this service. This is useful for
sharing files. You should also use it carefully as using it
incorrectly can cause security problems.
This user name only gets used once a connection is established. Thus
clients still need to connect as a valid user and supply a valid
password. Once connected, all file operations will be performed as the
forced user, no matter what username the client connected as. This
can be very useful.
This clearly explains the results you have achieved.
Steve
Privileged/Confidential Information may be contained in this message.
If you are not the addressee indicated in this message (or responsible
for delivery of the message to such person), you may not copy or
deliver this message to anyone. In such case, you should destroy this
message and kindly notify the sender by reply email. Opinions,
conclusions and other information contained in this message that do
not relate to official business shall be understood as neither given
nor endorsed by ITS
-Original Message-
From: Ian Warburton [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 22, 2004 1:37 PM
To: [EMAIL PROTECTED]
Subject: [Samba] group and user permissions issue.
I have browsed through loads of archive material and cant seem to find
anywhere where this exact issue has been posted.
am using samba 2.28 set up as an NT domain, there are no problems
with
the general configuration. My issue is witb samba not following the
permissons I have set on files in a shared directory.
Purpose: set up a directory for students and teachers where students
can leave files and only edit their own files, teachers can edit all
files.
unix permissions for files are like this
-rwxrw1 student1 teachers6 Jun 22 18:22 S1.txt*
-rwxrw1 student3 teachers 17 Jun 22 18:21 S3.txt*
-rwxrw1 student3 teachers8 Jun 22 18:21 student3.txt*
therefore students can edit their own files and teachers in the group
teachers can also edit the files.
I create a share in samba ie:
[Student_GiveWorkIn]
user = %U
path = /home/Give_work_in
create mode = 750
write list = %U
only user = yes
force group = teachers
this works however students using this share can edit each others
files.
if I set the permissions to :
-rwxr-1 student1 teachers2 Jun 22 16:34 S1.txt*
-rwxr-1 student3 teachers8 Jun 22 17:12 S3.txt*
-rwxr-1 student3 teachers0 Jun 22 15:39 student3.txt*
then students can edit their own files and no one elses, but the
teachers
group can't edit them either ie chmod g+w seems to mean that samba
gives
group access to the students as well as the teachers, when only the
teachers should have access.
I am at a loss to explain this behaviour.
Ian
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
_
This message was content-scanned by IXC Shield
Powered by GatewayDefender - BG0b1bd641.0001.mml
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba