Here's a workaround to the problem with SMB creating files with permission 000
+ ACL, which means only the owner can access the file. It's a cron script that
runs periodically to fix the permissions to make files accessible by other
users. It's a kludge, but it works until a better solution is available (such
as a mechanism to have more-reasonable default file permissions :-).
#! /bin/ksh
DESIRED_OWNER_GROUP="samba:dan"
BASEDIR=/export
DATEFILE=${BASEDIR}/acl-date
FILE_PERM="read_data/write_data/append_data/read_xattr/write_xattr/delete_child/
read_attributes/write_attributes/delete/read_acl/synchronize:allow"
DIR_PERM="read_data/write_data/append_data/read_xattr/write_xattr/execute/delete
_child/read_attributes/write_attributes/delete/read_acl/synchronize:allow"
# Change Ownership
find $BASEDIR -exec chown -R $DESIRED_OWNER_GROUP {} \;
# Change File permissions
find $BASEDIR -type f -exec chmod A=owner@:${FILE_PERM} {} \;
find $BASEDIR -newer $DATEFILE -type f -exec chmod A+group@:${FILE_PERM} {} \;
find $BASEDIR -newer $DATEFILE -type f -exec chmod A+everyone@:${FILE_PERM} {} \
;
# Change Directory permissions
find $BASEDIR -newer $DATEFILE -type d -exec chmod A=owner@:${DIR_PERM} {} \;
find $BASEDIR -newer $DATEFILE -type d -exec chmod A+group@:${DIR_PERM} {} \;
find $BASEDIR -newer $DATEFILE -type d -exec chmod A+everyone@:${DIR_PERM} {} \;
touch $DATEFILE
This message posted from opensolaris.org
_______________________________________________
storage-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/storage-discuss
