Hi Chris,
It looks like you are giving read access for group1 to the top-level
/pool1/share directory. Are you giving top-level read access to group2
and group3?
If not, and remember that chmod A= is replace and chmod A+ is add, then
try this syntax:
# chmod A+group:group1:list_directory/read_data/read_xattr/read_attributes/read_acl/synchronize:allow /pool1/share
# chmod A+group:group2:list_directory/read_data/read_xattr/read_attributes/read_acl/synchronize:allow /pool1/share
# chmod A+group:group3:list_directory/read_data/read_xattr/read_attributes/read_acl/synchronize:allow /pool1/share
Thanks,
Cindy
On 06/16/10 07:47, Chris Hunt wrote:
I am trying to set up a fileserver in a workgroup that will have a share:
share1
and a few folders under that share with group specific permissions:
folder2 (accessible by group2)
folder3 (accessible by group3)
I have edited my /etc/group file to represent how I would like this done:
group1::101:user1,user2,user3
group2::102:user1
group3::103:user2,user3
I then set the permissions necessary to view everything in the top folder
"share1":
chmod A=group:group1:list_directory/read_data/read_xattr/read_attributes/read_acl/synchronize:allow /pool1/share
I then give permission to group2 for folder2:
chmod A=group:group2:list_directory/read_data/add_file/write_data/add_subdirectory/append_data/read_xattr/write_xattr/execute/delete_child/read_attributes/write_attributes/delete/read_acl/synchronize:dir_inherit:allow /pool1/share/folder2
I then give permission to group3 for folder3:
chmod A=group:group3:list_directory/read_data/add_file/write_data/add_subdirectory/append_data/read_xattr/write_xattr/execute/delete_child/read_attributes/write_attributes/delete/read_acl/synchronize:dir_inherit:allow /pool1/share/folder3
The problem I am having is that from the client side the share is showing up; however, the folders do
not. If I give group1 the "full_set" in the "share" folder, then the client can
see the folders; however, I do not want users to have any write permissions in that folder. What am I
missing?
_______________________________________________
sysadmin-discuss mailing list
sysadmin-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/sysadmin-discuss
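
The difference between chmod A= (replace) and chmod A+ (add) described in the reply, as an added example that is not part of the original thread. It is a simplified Python model of an ordered ACL, not Solaris code; the starting owner@ entry, the "root" owner and all function names are assumptions made for illustration.

```python
# Simplified model of an ordered NFSv4-style ACL (illustration, not Solaris code).
from dataclasses import dataclass

# Group membership from the /etc/group lines in the thread.
GROUPS = {"group1": {"user1", "user2", "user3"},
          "group2": {"user1"},
          "group3": {"user2", "user3"}}
READ_SET = frozenset({"list_directory", "read_data", "read_xattr",
                      "read_attributes", "read_acl", "synchronize"})

@dataclass(frozen=True)
class Ace:
    who: str          # "owner@" or "group:<name>"
    perms: frozenset
    kind: str         # "allow" or "deny"

def chmod_replace(acl, ace):
    """chmod A=<ace>: the ACL becomes exactly the given entry."""
    return [ace]

def chmod_add(acl, ace):
    """chmod A+<ace>: the entry is added in front; existing entries stay."""
    return [ace] + acl

def matches(ace, user, owner):
    if ace.who == "owner@":
        return user == owner
    return user in GROUPS.get(ace.who.split(":", 1)[1], set())

def allowed(acl, user, wanted, owner="root"):
    """Walk entries in order; the first matching entry decides each permission."""
    pending = set(wanted)
    for ace in acl:
        if not matches(ace, user, owner):
            continue
        if ace.kind == "deny" and pending & ace.perms:
            return False
        if ace.kind == "allow":
            pending -= ace.perms
    return not pending    # a permission no entry granted is denied

def apply_to_share(op):
    """Run the three group commands from the reply with the given operator."""
    # Constructed starting ACL: the owner may read and write.
    acl = [Ace("owner@", READ_SET | {"write_data", "add_file"}, "allow")]
    for group in ("group1", "group2", "group3"):
        acl = op(acl, Ace("group:" + group, READ_SET, "allow"))
    return acl
```

With chmod_replace only the group3 entry survives the three commands; with chmod_add all three group entries sit in front of the untouched owner@ entry.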