* <[EMAIL PROTECTED]> [29/07/2005 1119EDT]: > I am working on my permissions and something does not quite make sense > to me. Here is what I have set. > > /DIR (Unix permissions are 3777) > > Then in samba I have the following > > [dir] > path = /DIR > read only = no > valid users @teach @student > create mask 3660 > directory mask 3770 > > Then from a windows workstation, I create a new directory inside 'dir', > and call it 'teach'. > > The permissions of 'teach' are 2770. It looks like it should be 3770 to > me since the 'directory mask' commands does a bitwise 'AND'. Anyone > know why this is? Maybe it is because of the DOS attributes or something.
You're right about the bitwise AND.
But default mode for a new directory is 0777. Observe:
[EMAIL PROTECTED]:~$ cd tmp
[EMAIL PROTECTED]:~/tmp$ umask 0
[EMAIL PROTECTED]:~/tmp$ umask
0000
[EMAIL PROTECTED]:~/tmp$ file foodir
foodir: cannot open (foodir)
[EMAIL PROTECTED]:~/tmp$ mkdir foodir
[EMAIL PROTECTED]:~/tmp$ ls -ld foodir
drwxrwxrwx 2 kw users 4096 Jul 29 11:59 foodir
However, your new directory *inherited* the setgid bit (effectively a
bitwise OR); this is simply the behavior of setgid bits on directories.
From the man page for the stat() system call (section 2):
The set GID bit (S_ISGID) has several special uses: For a
directory it indicates that BSD semantics is to be used for
that directory: files created there inherit their group ID from
the directory, not from the effective gid of the creating
process, and directories created there will also get the S_ISGID
bit set. For a file that does not have the group execution
bit (S_IXGRP) set, it indicates mandatory file/record locking.
So, for your case:
(3770 & 0777) | 2000 = 2770
It is doing exactly what it should be doing. :)
Keith
--
SA Valaran Corp
GPG: 0xEC705AE9
I put the sh in IT.
pgp7T4uJeN89b.pgp
Description: PGP signature
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
