Same share different user different rights

Hi I want to create a share in linux for several users, but with different rights, for example a share in the home directory named apps, the users a,b,c,d will have access to the share but only a and b will have full rights and c and d will have read only rights, all users must be autenticated users, I have done something similar but all users have the same rights using the options valid users, force group, force create mode = 0664 and force directory mode = 0775.

Hello – read the html version of smb.conf in “google smb.conf site:.org”
All must be authenticated: guest ok = no
a and b have full rights: read list = a, b
c and d read only: read list = c, d

If further problems, post your paragraph for the share in smb.conf – post it here.

Using the write list and read list options is it needed to use the force create mode and force directory mode options? will this options work in a security = user mode configuration?

is it needed to use the force create mode and force directory mode options?

There’s a question behind this question that I can’t quite see. What were the reasons you were using force create and force directory? I think it might be you were using these to get suitable permissions on files and directories made in the share over the network. Think about not using those but instead using this:

force user = abcdefg

where abcdefg is the real Linux owner of the shared directory. That gives great structure and permissions on the created files etc, just like as if abcdefg had made files/directories in ther share as normal Linux owner. If the direcory that you share belongs to root, then chown it to abcdefg, any normal Linux user. Join abcdefg to the Samba user database, like users a, b, c, etc.

will this options work in a security = user mode configuration?

Yes.

I used these two options so the entire group could have access to read and write docs and folder created by any user with write rights not only the creator of the files, is that right?

I’m getting confused now because I’m remote from your coalface. I would do sort of anything like this:
Add a user to the samba user database to make the administrative owner, say, billygoat.
Make a directory /home/billygoat/sharedfiles. Make sharedfiles anywhere provided it’s owned by billygoat.

edit this into smb.conf which ois located at /etc/samba/smb.conf:

[SharedFiles]
path = /home/billygoat/sharedfiles
read list = a, b, c
write list = d, e, f
force user = billygoat
guest ok = no

then a, b, c, d, e, f can read but only a, b, c can write. And each of a, b, c can fully write/rewrite something made by anyone else. Is that what you want?

That is correct, that is what I wanted, this is only a matter of know how to combine the different options, so in this configuration the logged users are like if the billygoat user is the one that connected to the share, no matter what user is used to logging.

Thanks

You’re welcome.

It is a mouthful:

then a, b, c, d, e, f can read but only a, b, c can write. And each of a, b, c can fully write/rewrite something made by anyone else.

It took a while to get my head around that one :confused: