[nzlug] Samba file creation ownerships.

Andrew Bruce abruce at hope-st.ath.cx
Sat Jan 20 01:18:13 NZDT 2007 

Ooops, sorry all.  I should have read the smb.conf man page properly.

For reference (from the man page):

          In  Samba  2.0.5  and  above this parameter has extended 
functionality in the following way. If the group
          name listed here has a '+' character prepended to it then the 
current user accessing the share  only  has
          the  primary group default assigned to this group if they are 
already assigned as a member of that group.
          This allows an administrator to decide that only users who are 
already in a particular group will  create
          files with group ownership set to that group. This gives a 
finer granularity of ownership assignment. For
          example, the setting force group = +sys means that only users 
who are already  in  group  sys  will  have
          their  default primary group assigned to sys when accessing 
this Samba share. All other users will retain
          their ordinary primary group.

Tried it and it does exactly what I wanted, so all is good now :)

Andrew

Andrew Bruce wrote:
> Hi,
>
> I'm trying to setup something (tricky I think - unless I'm going about 
> this the wrong way...)
>
>
> I've got a folder called storage on my server which a flatmate and I 
> use to keep a bunch of files that we want to be accessible to both of 
> us, and the general flat.  I've created the folder [storage], and 
> assigned it nobody:store ownership (I created the UNIX group store), 
> and rwxrwxr-x permissions.
>
> I've shared this folder through Samba (as it needs to be Linux and 
> Windows accessible, as we both dual boot, and one other flatmate is 
> Windows only) and allowed guest access to the folder, so that the 
> other flatty can browse but not write files and this works.  The Samba 
> setup also allows us two users to be able to create files and 
> directories, which are created with the correct permissions (774) and 
> this works well.
> The issue is that when user1 (or user2) creates the files, the machine 
> gives the group ownership of the files to the group users (as in 
> user1:users).  This becomes an issue, because I have other users who 
> have Samba accounts on the machine and are users group members who can 
> then play with files, or write files into directories created.
>
> What I need to be able to do is to set the group ownership of any 
> directory or file created by user1 and user2 to the store group.
>
> I tried the force group = store option, but this also happens to force 
> the guest user to 'appear' as part of the store group, allowing them 
> to do whatever they want.
>
>
> Any suggestions, or alternative ways to set this up?  I would prefer 
> not to have to use the 'admin users' option in the smb.conf file, as I 
> would rather just be able to add the user to a UNIX group when they 
> are created and they instantly have the right permissions.
>
> Thanks,
>
> Andrew Bruce
>
> _______________________________________________
> NZLUG mailing list NZLUG at linux.net.nz
> http://www.linux.net.nz/cgi-bin/mailman/listinfo/nzlug
>

More information about the NZLUG mailing list