Hi peeps,

First time here so go easy

Coming from a Windows (aka the dark side) background I've been tasked to take over a new linux file server (opensuse 11.1 & Samba).

For the last week odd I've been trying to get my head around it all and trying to find a standard practise for Permissions, ACLs etc... on a linux/samba file server, alas to no avail.

I think I'm confusing myself reading far too deeply into the complexities and different methods of linux permissions etc...

I suppose the background is as this:-

Running 10 XP desktops in a workgroup configuration.

Opensuse 11.1 and Samba

I'm pretty sure the Samba side of things is configured correctly and I'm quite happy with the setup/configuration etc... I've set it so certain directories are browsable or not etc... everyone can see the browsable directories no problem with only certain folk having access (via mapped drive) to the no-browsable directories as we wanted.

The issue/headache I'm getting is this:

We have a directory called Repository with quite a few sub-directories within it.


/home/file.server/repository/current/production - USERS READ - SUPER_USERS WRITE
/home/file.server/repository/current/records - USERS READ - OFF_MAN WRITE
/home/file.server/repository/current/working documents - USERS WRITE

We're trying to implement a system where some of the subfolders have different read/write access for different groups/individuals.

The groups and user accounts have been setup fine.

I've been through Nautilus and added the Groups to the ACLs along with the default READ/WRITE attributes added.

In Nautilus, if I right click and select the Permissions tab. All the files and folders are owned by me, fine (I think). For the love of mankind, god, all the little beasts on this planet, if I press the "Apply permissions to enclosed files" it doesn't take?

I've set the top level directory to have the correct Permissions and ACLs (root.users - not sure if this is standard practise?) and am trying to apply this to all files/folders within it. I just cant work it out?

New files/folders created seem to be working fine (i.e. correct Owner.Group in permissions) but they do not take on the ACLs set on the parent directory.

I suppose I'm trying to find out what is best practise for this kind of setup?

Should the file owner be the creator of the file or should it be root?

Also, do the ACL's I've setup take presidence over the default Permissions set on Owner.Group.Other?

Confusing myself even more....

Hate to admit defeat and don't want to return to the darkside but I'm about to think k'it and go and buy MS SBS2003...

Has anyone got any standard/best practises for Permissions, ACLs on File Servers running Samba?

Help me OB1Linuxobe - you're my only hope