All users that I want to have access this folder belongs to group files.
I also need to have samba access to this folder. I have created smbuser that belongs also in files group. In smb.conf I have forced guest account to be smbuser. And also i have
create mask = 0775
directory mask = 0775
I believe that i have solved file permissions problem with samba. But if folder is created from shell it always get’s
Set every user’s umask to 002 so perms are always set to 775 or 664
(directory or file)? Vis Samba I’m not as sure… would guess there’s
some option though I don’t know it.
Good luck.
TheDarthJysky wrote:
> Okay, I have this server that I’d like to keep pretty secure and it has
> multiple users. I have folder /mnt/downloads and it has permissions
>
> Code:
> --------------------
> drwxrwx— 10 root files 4096 2008-09-02 22:18 downloads
> --------------------
> All users that I want to have access this folder belongs to group files.
> I also need to have samba access to this folder. I have created smbuser
> that belongs also in files group. In smb.conf I have forced guest
> account to be smbuser. And also i have
>
> Code:
> --------------------
> create mask = 0775
> directory mask = 0775
> --------------------
> I believe that i have solved file permissions problem with samba. But if
> folder is created from shell it always get’s
>
> Code:
> --------------------
> drwxr-xr-x 2 myusername users 4096 2008-09-03 20:50 testi
> --------------------
> So how to force file and folder permissions to be for both user and
> group rwx.
>
> It’s not practical to always ‘sudo chown’ or ‘sudo chmod’ and I would
> be the onlyone to be able to do it.
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
Can’t be done outside samba unless you enforce access through some program instead of being able to do anything from the shell. Which is how samba does it.
What! Really?
Is unix file permissions really that limited that one can not create folder permission rule that permissions are copied from parent folder?
I have successfully configured samba permissions as I want them but the problem is that if someone from console, through ssh or by some other means folders and files are created with wrong group permissions
So the solution is that you have to forbid direct access and to interpose a process that ensures that the permissions you want are enforced. This could be done in various ways varying from the hassle of requiring the use of a transfer program, e.g. smbclient, to trying to make it more convenient and transparent with a FUSE (filesystem in userspace).
Note that you probably don’t need to preserve ownership so that you don’t have to run with superuser privilege, you just need to make sure that sharing is possible.
PS: Another way is you could mount the Samba share with smbfs and let Samba do the work.
Now, lets forget that samba access in this point. I have solved the problem with it in windows computers. Haven’t had time to look it in to linux client.
But the scenario:
Someone uploads bunch of files and folders to /mnt/download/his_new_files via scp.
Now file permissions to this folder and i’ts children are 755.
Now this someone or someone else connects server with samba and wants to write more files or remove folder.
This can not be done because folder owner is not same that is with samba, and group doesn’t have rwx permission.
What I want is to files and folders have 775 permissions when created.
Now I could change global umask to 775, but won’t that compromise my server security? As I’d like to have privacy to all users and /mnt/downloads to be only folder that all group members have equal rights.