[Samba] Problems of groups accessing shared directory
Hello, I have problems with people having different groups who access a shared directory via samba. The requirements are: 1. There are people with group group1 and group group2 in /etc/passwd 2. 3 people from group group1 and 2 people from group group2 are allowed to access a shared directory and have read/write access to that directory. Our solutions are: 1. We made a special additional group called special to classify those people, and add the entry in /etc/group like: special:*:9000:person1,person2,person3,person4,person5 2. The name of the shared directory to be accessed via samba is ourdir, the entry in smb.conf is like: [ourdir] comment = special group ourdir path=/home/pub/ourdir browseable=yes writeable=yes create mask=0664 directory mask=775 force directory mode=0511 3. In the linux system, the directory /home/pub/ourdir is chown to root and chgrp to special. The permission is 775, so that anyone belong to the special group has full control to the directory. drwxrwxr-x 12 rootspecial4096 Oct 29 17:15 ourdir Problems came when person1 put/edit a file via samba (Windows Explorer), the ownership of the file is person1.group1, instead of person1.special. In this case, person4.group2 cannot edit the file (doesn't belong to the same group). How to make all files written or edited always belonging to group special? I have tried force group = special but it turned out anyone has access to the directory, eventhough they're not listed as member of group special in /etc/group. Thank you very much for any replies. -Qonita MS -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problems of groups accessing shared directory
On Thursday 31 October 2002 10:22 am, Qonita wrote: drwxrwxr-x 12 rootspecial4096 Oct 29 17:15 ourdir How to make all files written or edited always belonging to group special? I have tried force group = special but it turned out anyone has access to the directory, eventhough they're not listed as member of group special in /etc/group. i would suggest here a: chmod g+s ourdir this will allow everything created under the ourdir directory to have the same group ownership as ourdir -- Dimitrios Stergiou System, Network and Security Administration Group Intracom S.A DISCLAIMER: Funny signature follows --- Johnson's First Law: When any mechanical contrivance fails, it will do so at the most inconvenient possible time. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problems of groups accessing shared directory
Qonita wrote: 3. In the linux system, the directory /home/pub/ourdir is chown to root and chgrp to special. The permission is 775, so that anyone belong to the special group has full control to the directory. drwxrwxr-x 12 rootspecial4096 Oct 29 17:15 ourdir Problems came when person1 put/edit a file via samba (Windows Explorer), the ownership of the file is person1.group1, instead of person1.special. In this case, person4.group2 cannot edit the file (doesn't belong to the same group). How to make all files written or edited always belonging to group special? I have tried force group = special but it turned out anyone has access to the directory, eventhough they're not listed as member of group special in /etc/group. After setting the group ownership, also set the sticky bit, ie : chmod g+s directory This tells Linux to use the group name of that directory, rather than the primary group of the user, when creating new files. Simon -- Simon Hobson, Technical Services Engineer Colony Gift Corporation Limited Lindal in Furness, Ulverston, Cumbria, LA12 0LD Tel 01229 461100, Fax 01229 461101 Registered in England No. 1499611 Regd. Office : 100 New Bridge Street, London, EC4V 6JA. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problems of groups accessing shared directory
thx to Dimitrios Simon. What a prompt response. It really does work! Never really thought of using sticky bit.. -Qonita - Original Message - From: Simon Hobson [EMAIL PROTECTED] To: Qonita [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Thursday, October 31, 2002 15:33 Subject: Re: [Samba] Problems of groups accessing shared directory Qonita wrote: 3. In the linux system, the directory /home/pub/ourdir is chown to root and chgrp to special. The permission is 775, so that anyone belong to the special group has full control to the directory. drwxrwxr-x 12 rootspecial4096 Oct 29 17:15 ourdir Problems came when person1 put/edit a file via samba (Windows Explorer), the ownership of the file is person1.group1, instead of person1.special. In this case, person4.group2 cannot edit the file (doesn't belong to the same group). How to make all files written or edited always belonging to group special? I have tried force group = special but it turned out anyone has access to the directory, eventhough they're not listed as member of group special in /etc/group. After setting the group ownership, also set the sticky bit, ie : chmod g+s directory This tells Linux to use the group name of that directory, rather than the primary group of the user, when creating new files. Simon -- Simon Hobson, Technical Services Engineer Colony Gift Corporation Limited Lindal in Furness, Ulverston, Cumbria, LA12 0LD Tel 01229 461100, Fax 01229 461101 Registered in England No. 1499611 Regd. Office : 100 New Bridge Street, London, EC4V 6JA. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
