Dennis,
Maybe this instead:
inherit permissions (S)
The permissions on new files and directories are normally governed
by create mask
<http://debpdc:901/swat/help/manpages/smb.conf.5.html#CREATEMASK>,
directory mask
<http://debpdc:901/swat/help/manpages/smb.conf.5.html#DIRECTORYMASK>, force
create mode
<http://debpdc:901/swat/help/manpages/smb.conf.5.html#FORCECREATEMODE>
and force directory mode
<http://debpdc:901/swat/help/manpages/smb.conf.5.html#FORCEDIRECTORYMODE>
but the boolean inherit permissions parameter overrides this.
New directories inherit the mode of the parent directory, including
bits such as setgid.
New files inherit their read/write bits from the parent directory.
Their execute bits continue to be determined by map archive
<http://debpdc:901/swat/help/manpages/smb.conf.5.html#MAPARCHIVE>,
map hidden
<http://debpdc:901/swat/help/manpages/smb.conf.5.html#MAPHIDDEN> and
map system
<http://debpdc:901/swat/help/manpages/smb.conf.5.html#MAPSYSTEM> as
usual.
Note that the setuid bit is /never/ set via inheritance (the code
explicitly prohibits this).
This can be particularly useful on large systems with many users,
perhaps several thousand, to allow a single [homes] share to be used
flexibly by each user.
Default: //|inherit permissions|/ = |no| /
Dale
On 10/04/2010 11:00 AM, Dennis Jacobfeuerborn wrote:
Hi,
I'm trying to get samba to force a certain set of permissions for
files and directories but so far I don't have much success. This is
what I'm trying to enforce:
create mask = 0770
security mask = 0770
directory mask = 0770
directory security mask = 0770
force create mode = 0660
force security mode = 0660
force directory mode = 0770
force directory security mode = 0770
force group = publisher
Yet when a client creates a directory it ends up with the permissions
set to 755 instead. My guess is that the client changes the
permissions after the directory is created so I'm wondering how I can
prevent that from happening.
What I'm trying to accomplish is to make it possible for members of
the group "publisher" to always read/write each others files and enter
directories.
Regards,
Dennis
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba