Bill, I would like to thank you again... well, > > I would run ls -ld /share/docs before doing 'chmod -R 750 /share/docs' > to see if the permissions had been changed. Also, I you should > use 2770 as the permissions. 2xxx sets the sticky bit which means > all files/directories created in this directory will have the group > of this directory. >
the permission changed right... no problem with this... Ok.. I will use 2xxx permission... I did not understood what means this '2' > > > I do not see /share/docs in your smb.conf. I see /home/docs > and /home/c. Where you put the share is important as far as > msec is concerned. I just create the share directory with another name... but using yours instructions... > > There are five security levels for msec. I am using security > level 3 for msec: > > [EMAIL PROTECTED] msec]# cat /etc/sysconfig/msec > META_CLASS=PowerPack > SECURE_LEVEL=3 > CLASS=expert > UMASK_ROOT=027 > UMASK_USER=022 > TMOUT=0 My security level is 3, and my msec file have this: UMASK_ROOT=022 SECURE_LEVEL=3 UMASK_USER=022 TMOUT=0 > > which means that msec will use /usr/share/msec/perm.3 as the > control file for setting permissions. If you use SECURE_LEVEL=2, > then examine /usr/share/msec/perm.2 and so on. Let us assume > you are level 3. Examine /usr/share/msec/perm.3. Do you see the lines: > /home/ root.root 755 > /home/* current 711 yes they are there... > > msec will decrease the permissions on /home to at most 755. However, > I think the next line is biting you. msec will set the permissions on > all directories off of /home to at most 711. Therefore, if /home/docs > is where you put the directory, msec is clobbering the permissions. If > you move /home/docs to /home/shares/docs then the permissions will not > be affected. This is what I would reccomend. hmmm... this is great! > > I, personally, use: > > [EMAIL PROTECTED] msec]# ls -ld /lan /lan/shares /lan/shares/Apps > drwxr-xr-x 9 root root 4096 Jul 26 2003 /lan/ > drwxr-x--x 23 bill smbusers 4096 Apr 30 00:08 /lan/shares/ > drwxrwsr-x 12 bill smbusers 4096 Jun 30 2003 /lan/shares/Apps/ > > [Apps] > comment = Windows/MS-DOS applications (r/w) > path = /lan/shares/Apps > browseable = yes > guest ok = yes > writeable = no > write list = @smbusers > create mask = 771 > directory mask = 770 > map hidden = yes > map system = yes > map archive = yes > available = yes > > smbusers is the group that I put all samba users in. It is not > affected by msec: > / root.adm 755 > which would affect /share, or by: > /home/* current 711 > which would affect /home/docs. > > msec is sometimes a pain, but I am learning to live with it. I > haven't disabled msec in the far chance that if my system ever > gets compromized, msec may help me. > > HTH, > Bill Shirley I will try to create the directories in /home/shares/docs to see what happens... when I install Mandrake, I create a partition for each /, /home, /usr, /var, /tmp directories, to avoid lost data in some crash... so maybe creating my shares directories in another partition than /home resolve this problem (?) I will try your hints and will let you know... Thank you again. Flávio Henrique
____________________________________________________ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com ____________________________________________________
