Re: [Samba] file permissions on home directories and admin user copying files to it
2003. november 13. 19.40 dtummal Christian Nabski ezt rta: We want to copy files with the group in the admin list of the [homes] share. The problem is that the copied files then are owned by root. I know this is normal unix behavior. However we want the copied files to be owned by the user of the homeshare. I read the samba howto section Users Cannot Write to a Public Share. Although I want to set the owner on the home shares and not on a public share. The mentioned section however does not seem to work on Redhat 7.3 nor RH AS 3 ? The group gets set correctly (gets changed to the group who owned the directory) but the user stays the same. I am wondering if this is a particular issue with the Redhat distribution or something else ? For now I tried this solution : in [homes] : root preexec = chown -R %S %P This works but I wonder if this is good solution ? Christian I use force user = %S setting in [homes]. This way anyone copies into this share (who has write access of course :-) ) the owner of files will be the same user. -- attiko -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] file permissions on home directories and admin user copying files to it
We want to copy files with the group in the admin list of the [homes] share. The problem is that the copied files then are owned by root. I know this is normal unix behavior. However we want the copied files to be owned by the user of the homeshare. I read the samba howto section Users Cannot Write to a Public Share. Although I want to set the owner on the home shares and not on a public share. The mentioned section however does not seem to work on Redhat 7.3 nor RH AS 3 ? The group gets set correctly (gets changed to the group who owned the directory) but the user stays the same. I am wondering if this is a particular issue with the Redhat distribution or something else ? For now I tried this solution : in [homes] : root preexec = chown -R %S %P This works but I wonder if this is good solution ? Christian -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] file permissions on home directories and admin user copying files to it
Hi Aaron, Thanks for your answer. I already set the create mask for files and directories : for files 0600 -- user can only write and read for directories 0700 -- directories can be read and entered (executed) by the user This however only sets the rights and not the ownership. The problem arises when an admin (in the adminlist) copies files from another drive/share/... to the home share of a user via samba. These copied files have then as owner root. The effect of this (0600 and root ) is that the user can not read or write to this file. This is in fact a test server for a customer. What they actually want is the behavior of windows : the copied files inherit the rights of the directory where they are created. eg : homedir : 0700 owner : the user group domain users The admin copies or created a file example.txt in homedir. -- rights of example.txt : 0600 owner the user group domain users The group ownership is possible with chmod g+s homedir or chmod 2700 homedir. If I would set a create mask for files as 0660 and for directories 0770 the problem would be solved but I wanted the restrict the rights to the ones set. And I don't want to maintain private groups (ala redhat) for these users. I am just wondering how other people do this with admins which don't know anything about unix file permissions ? Regards, Christian Aaron Collins [EMAIL PROTECTED] wrote on 13/11/2003 21:19:13: You should have a look at the create mask option, it says what the default permissions should be on files that get created. This will override the default unix behavior. See also inherit permissions , directory mask, force create mode and force directory mode I think these are the options your looking for in your smb.conf -Aaron c On Thu, 2003-11-13 at 11:40, Christian Nabski wrote: We want to copy files with the group in the admin list of the [homes] share. The problem is that the copied files then are owned by root. I know this is normal unix behavior. However we want the copied files to be owned by the user of the homeshare. I read the samba howto section Users Cannot Write to a Public Share. Although I want to set the owner on the home shares and not on a public share. The mentioned section however does not seem to work on Redhat 7.3 nor RH AS 3 ? The group gets set correctly (gets changed to the group who owned the directory) but the user stays the same. I am wondering if this is a particular issue with the Redhat distribution or something else ? For now I tried this solution : in [homes] : root preexec = chown -R %S %P This works but I wonder if this is good solution ? Christian -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] file permissions on home directories and admin user copying files to it
I don't think you really can change that, because the default nature of Unix is who ever creates a file owns it, no matter what directory it's in(As long as they have write access to that dir). Samba just does a remote-local mapping that grant the remote user whatever access they are mapped to, but when they create the file, they still own it. If you use a rpc or ads setup, and configure nss and pam together with it, you can make so that from windows you could manage file ownership(To a limited extent, ufs is not ntfs). But as far as making any file that's in a directory owned by who ever owns that dir, the only way I could think of to do it is to write a cron script that checks the dir ownership and sets all files and sub dirs to those permissions every x amount of time. -Aaron On Thu, 2003-11-13 at 17:11, Christian Nabski wrote: Hi Aaron, Thanks for your answer. I already set the create mask for files and directories : for files 0600 -- user can only write and read for directories 0700 -- directories can be read and entered (executed) by the user This however only sets the rights and not the ownership. The problem arises when an admin (in the adminlist) copies files from another drive/share/... to the home share of a user via samba. These copied files have then as owner root. The effect of this (0600 and root ) is that the user can not read or write to this file. This is in fact a test server for a customer. What they actually want is the behavior of windows : the copied files inherit the rights of the directory where they are created. eg : homedir : 0700 owner : the user group domain users The admin copies or created a file example.txt in homedir. -- rights of example.txt : 0600 owner the user group domain users The group ownership is possible with chmod g+s homedir or chmod 2700 homedir. If I would set a create mask for files as 0660 and for directories 0770 the problem would be solved but I wanted the restrict the rights to the ones set. And I don't want to maintain private groups (ala redhat) for these users. I am just wondering how other people do this with admins which don't know anything about unix file permissions ? Regards, Christian Aaron Collins [EMAIL PROTECTED] wrote on 13/11/2003 21:19:13: You should have a look at the create mask option, it says what the default permissions should be on files that get created. This will override the default unix behavior. See also inherit permissions , directory mask, force create mode and force directory mode I think these are the options your looking for in your smb.conf -Aaron c On Thu, 2003-11-13 at 11:40, Christian Nabski wrote: We want to copy files with the group in the admin list of the [homes] share. The problem is that the copied files then are owned by root. I know this is normal unix behavior. However we want the copied files to be owned by the user of the homeshare. I read the samba howto section Users Cannot Write to a Public Share. Although I want to set the owner on the home shares and not on a public share. The mentioned section however does not seem to work on Redhat 7.3 nor RH AS 3 ? The group gets set correctly (gets changed to the group who owned the directory) but the user stays the same. I am wondering if this is a particular issue with the Redhat distribution or something else ? For now I tried this solution : in [homes] : root preexec = chown -R %S %P This works but I wonder if this is good solution ? Christian -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] file permissions on home directories and admin user copying files to it
On Fri, 14 Nov 2003, Christian Nabski wrote: Hi Aaron, Thanks for your answer. I already set the create mask for files and directories : for files 0600 -- user can only write and read for directories 0700 -- directories can be read and entered (executed) by the user This however only sets the rights and not the ownership. The problem arises when an admin (in the adminlist) copies files from another drive/share/... to the home share of a user via samba. These copied files have then as owner root. The effect of this (0600 and root ) is that the user can not read or write to this file. Correct. The same happens when root copies files under UNIX. If you copy them as a normal user this does not happen. Root always overrides UNIX security. - John T. This is in fact a test server for a customer. What they actually want is the behavior of windows : the copied files inherit the rights of the directory where they are created. eg : homedir : 0700 owner : the user group domain users The admin copies or created a file example.txt in homedir. -- rights of example.txt : 0600 owner the user group domain users The group ownership is possible with chmod g+s homedir or chmod 2700 homedir. If I would set a create mask for files as 0660 and for directories 0770 the problem would be solved but I wanted the restrict the rights to the ones set. And I don't want to maintain private groups (ala redhat) for these users. I am just wondering how other people do this with admins which don't know anything about unix file permissions ? Regards, Christian Aaron Collins [EMAIL PROTECTED] wrote on 13/11/2003 21:19:13: You should have a look at the create mask option, it says what the default permissions should be on files that get created. This will override the default unix behavior. See also inherit permissions , directory mask, force create mode and force directory mode I think these are the options your looking for in your smb.conf -Aaron c On Thu, 2003-11-13 at 11:40, Christian Nabski wrote: We want to copy files with the group in the admin list of the [homes] share. The problem is that the copied files then are owned by root. I know this is normal unix behavior. However we want the copied files to be owned by the user of the homeshare. I read the samba howto section Users Cannot Write to a Public Share. Although I want to set the owner on the home shares and not on a public share. The mentioned section however does not seem to work on Redhat 7.3 nor RH AS 3 ? The group gets set correctly (gets changed to the group who owned the directory) but the user stays the same. I am wondering if this is a particular issue with the Redhat distribution or something else ? For now I tried this solution : in [homes] : root preexec = chown -R %S %P This works but I wonder if this is good solution ? Christian -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] file permissions on home directories and admin user copying files to it
So the only way to do this would be like in my initial mail ? in [homes] : root preexec = chown -R %S %P John H Terpstra [EMAIL PROTECTED] wrote on 14/11/2003 02:34:06: On Fri, 14 Nov 2003, Christian Nabski wrote: Hi Aaron, Thanks for your answer. I already set the create mask for files and directories : for files 0600 -- user can only write and read for directories 0700 -- directories can be read and entered (executed) by the user This however only sets the rights and not the ownership. The problem arises when an admin (in the adminlist) copies files from another drive/share/... to the home share of a user via samba. These copied files have then as owner root. The effect of this (0600 and root ) is that the user can not read or write to this file. Correct. The same happens when root copies files under UNIX. If you copy them as a normal user this does not happen. Root always overrides UNIX security. - John T. This is in fact a test server for a customer. What they actually want is the behavior of windows : the copied files inherit the rights of the directory where they are created. eg : homedir : 0700 owner : the user group domain users The admin copies or created a file example.txt in homedir. -- rights of example.txt : 0600 owner the user group domain users The group ownership is possible with chmod g+s homedir or chmod 2700 homedir. If I would set a create mask for files as 0660 and for directories 0770 the problem would be solved but I wanted the restrict the rights to the ones set. And I don't want to maintain private groups (ala redhat) for these users. I am just wondering how other people do this with admins which don't know anything about unix file permissions ? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
