Hi. I think you just can ignore the user and group if you use ACL to define authorithy. By having present ACL defines for directories(or files) you tell Linux to use ACL for access control only. And ignore user and group.
/Tore _________________________________________________ Tore Agblad System programmer, Volvo IT certified IT Architect Volvo Information Technology Infrastructure Mainframe Design & Development, Linux servers Dept 4352 DA1S SE-405 08, Gothenburg Sweden Telephone: +46-31-3233569 E-mail: [email protected] http://www.volvo.com/volvoit/global/en-gb/ -----Original Message----- From: Linux on 390 Port [mailto:[email protected]] On Behalf Of Berry van Sleeuwen Sent: den 27 juli 2011 18:57 To: [email protected] Subject: Re: Samba security again Hi Mark, That was our first idea too but we were not able to get the correct setup for our goal. How should we setup the share config in a way that we get the correct write authorization? When we do not specify anything in the share a file gets username:defaultgroup. So for instance berry:users. But we'd want the files to get a permission based on the directory it is created in. So directory linux should get something like user:linux. When using forcegroup we do get the group right but the parameter in the share is then used for all files in all (sub)directories. So share MFPL would then get group MFPL instead of vmvse or linux. When using inherit group or inherit permission it still is not the way we exepected it. Even more so, inherit group looks like to be inherit user; the file is then created as root:users (root is owner for the directory, users is my default group). Regards, Berry. Op 27-07-11 17:25, Mark Post schreef: >>>> On 7/27/2011 at 10:12 AM, "van Sleeuwen, Berry"<[email protected]> > wrote: >> Would it be possible at all to assign permissions based on the directory >> instead of the share? > Since Samba doesn't override the native Linux permissions, you should be able > to do this with file system ACLs. > > > Mark Post > > ---------------------------------------------------------------------- > For LINUX-390 subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO LINUX-390 or visit > http://www.marist.edu/htbin/wlvindex?LINUX-390 > ---------------------------------------------------------------------- > For more information on Linux on System z, visit > http://wiki.linuxvm.org/ > > ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/ ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/
