On 12/30/2010 13:14, John Drescher wrote:
On Thu, Dec 30, 2010 at 3:56 PM, Christ Schlacta<li...@aarcane.org> wrote:
I have some shares on a media server that are considdered "Local, offline
content", namely they should be accessible if the rest of the network is
down, and each system has it's own group of users who are allowed to
maintain it. the media servers in the livingroom are only for my wife and
I, but each person can modify the one in their own bedroom and noone elses
bedroom. Furthermore, the users must be members of the group "Music" to be
allowed to modify music, and the group "Videos" to be allowed to modify
videos. currently my setup looks like this for rebirth:
[videos]
comment = Rebirth local Videos
path = /media/local/videos
write list = @rebirth
force group = videos
create mask = 0664
force create mode = 0664
directory mask = 0775
force directory mode = 0775
[music]
comment = Rebirth local Music
path = /media/local/music
write list = @rebirth
force group = music
create mask = 0664
force create mode = 0664
directory mask = 0775
force directory mode = 0775
but my fear is that someone not in the music group will still be able to
write to the shares. is there a way to make it explicitly require BOTH
groups to allow writing?
Get rid of the force group and properly use ACLs on the *nix filesystem.
John
the system is built around zfs, which sadly doesn't properly support
*nix ACLs yet. otherwise I would. zfs-fuse + ZFS-acls = bad things
happen easily.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba