Samba and filesystem permissions

Discussion in 'Server Operation' started by Anteaus, Jul 17, 2007.

  1. Anteaus

    Anteaus New Member

    This one's been bugging me for a long time.

    Samba server, Windows clients in workgroup, users must be able to work collaboratively. Access rights determined by share permissions.

    Issue is that filesystem permissions prevent this from working properly, effectively creating a 'user jail' setup typical of Unix where no-one can touch files created by other users.

    Thought I'd found a solution in doing:

    chmod -R 2770 <share>
    chown -R <server console user>:<samba group> share

    and using smb.conf settings:
    force group <samba group>
    create mask 2770
    directory mask 2770

    This setup solves the problem for LAN users creating new files or folders, and for files created within the share at the server console -and I thought I'd got a solution.

    However, I found that we STILL (sigh) have a permisisons problem,in that folders copied into the share from other server devices (for example a USB stick) acquire permissions of 755, and hence are editable/deletable only by the console user.

    This despite the USB stick being FAT, and despite the inherit-group (2) attribute on the parent folder -which should in theory prevent this happening. But, it doesn't.

    I guess one answer is to never copy files locally at the server console, only via the network. Not exactly convenient, though. What we need is a proper solution that works reliably, 100% of the time.

    Sorry about long post, but it's an awkward issue to describe. Done a lot of research into this, and so far not found anyone who can describe a setup which will make collaborative file-sharing work properly, without glitches.

    Any ideas?

Share This Page