On Tue, Aug 18, 2009 at 8:48 AM, jw<jwde...@gmail.com> wrote: > Hello > I am trying to create a 'dropbox' share, using the sticky bit and > 'inherit owner'. > > By themselves they work, but when a directory is created in this > share, its permissions are not quite what I need. > Therefore, I try to use 'force directory mode' or 'inherit permissions'. > However, whenever I do that, the owner on the newly-created directory > is no longer correct w/regard to 'inherit owner'. > > Is this correct behavior, or a bug? > > Here are details: > > The directory I'm sharing: > drwsrwsr-t 2 nobody sambaguest 512 Aug 17 22:18 myshare > > My smb.config (well, the relevant part): > > # ... snip > guest account = sambaguest > # ... snip > [myshare] > comment = my share > path = /path/to/myshare > public = yes > read only = no > writable = yes > browseable = yes > printable = no > inherit owner = yes > #inherit permissions = yes > #directory mode = 3770 > #force directory mode = 3770 > > As it is written above, when I create a directory from a windows box > it looks like: > > drwxr-xr-x 2 nobody sambaguest 512 Aug 17 22:19 New Folder > > Correct ownership but I want group write and the sticky bit to be set, > as in the parent directory. > So I uncomment 'inherit permissions', create another directory, and get: > > drwxr-xr-x 2 nobody sambaguest 512 Aug 17 22:26 New Folder (2) > > No change. Anyone know why inherit permissions would have no effect here? > I would expect the sticky bit, sgid, and the group-write of the parent > directory to apply to the new directory. > > So I comment 'inherit permissions' back out, and instead try the pair > of lines with 'directory mode' and 'force directory mode'. > Then a newly created dir looks like: > > drwxrwsr-t 2 sambaguest sambaguest 512 Aug 17 22:32 New Folder (3) > > ARG! Perfect permissions, but the user is wrong, which lets people > modify (rename, delete, etc) the directory. Normally, the sticky bit > would prevent this since the owner would be 'nobody'. But now the > owner is 'sambaguest', so users can wreak havoc on these newly created > dirs... > > Can anybody explain to me what I'm missing? > I have researched this a bit and tried various things, but nothing has > worked so far... > > This is Samba 3.3.6 on FreeBSD 7.2-RELEASE > > Thanks, > John > --
force user = nobody maybe this could help you? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba