[Samba] User can delete file when they have no read/write access

2003-06-20 Thread Esben Laursen
I'm having a problem with my profiles share on my Samba 2.2.3 PDC server.

I have a share like this: 

[profiles]
path = /home/samba/profiles
writeable = yes
create mask = 0700
directory mask = 0700
browsable = no
valid users = root,@smbusers

The roaming profile works just fine with windows2k, and the users can't read the other 
profiles (they get an access denied if they try to access a profile other than their 
own). That's great, BUT they can delete the other profiles.
It ain't only the profiles share but all files, and that's pretty much a problem here =)

Here is a ls of the profiles directory:

linux:/home/samba/profiles# ls -l
total 12
drwx------   14 emma  emma  4096 Jun 19 22:18 emma
drwx------   19 esben esben 4096 Jun 17 20:00 esben
drwx------   14 root  root  4096 May 17 21:13 root
linux:/home/samba/profiles#

So the user esben can't read the emma folder but he can delete it, which is pretty bad =)

How can I fix this?

Kind Regards

Esben




Ps. Here is my [global] section:

[global]
netbios name = linux2
server string = Samba %v on %L
workgroup = domain

add user script = /usr/sbin/useradd -d /dev/null -g nobody -s /bin/false -M %u

os level = 65
prefered master = yes
domain master = yes
local master = yes
domain logons = yes
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192
time server = yes
hide dot files = yes
security = user
guest ok = no
invalid users = bin deamon sys man mail ftp
admin users = @root
domain admin group = root,@admins
encrypt passwords = yes
log level = 2
log file = /var/log/samba/log.%L
max log size = 1000
debug timestamp = yes
syslog = 1
hosts allow = 192.168.1. 127. 62.79.110.

; user roaming profiles path
logon path = \\%L\profiles\%u

client codepage = 850
valid chars = æ:Æ ø:Ø å:Å
logon script = logon.bat

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] User can delete file when they have no read/write access

2003-06-20 Thread Herb Lewis
The key for delete is the permissions of the parent directory not the
file. If a user has write access to the directory he can delete files
in that directory. Check out the chmod man page for references to the
sticky bit for a directory. Here is a quote from the IRIX man page
(Linux should be similar)

 If a directory is writable and the sticky bit, (t), is set on the
 directory, a process may remove or rename files within that directory
 only if one or more of the following is true (see unlink(2) and
 rename(2)):

  the effective user ID of the process is the same as that of the
  owner ID of the file

  the effective user ID of the process is the same as that of the
  owner ID of the directory

  the process is a superuser.




-- 
==
Herb Lewis   Silicon Graphics 
Networking Engineer  1600 Amphitheatre Pkwy MS-510
Strategic Software Organization  Mountain View, CA  94043-1351
[EMAIL PROTECTED] Tel: 650-933-2177
http://www.sgi.com   Fax: 650-932-2177  
PGP Key: 0x8408D65D
==
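
The parent-directory rule from the reply above, as an added example that is not part of the original thread: a POSIX shell check that flags a directory whose entries can be removed by non-owners, and the sticky-bit fix. The sandbox layout is constructed; the thread does not show the mode of /home/samba/profiles itself, so a world-writable parent is an assumption.

```shell
#!/bin/sh
# Added example (not from the thread). Deleting an entry needs write access
# to the PARENT directory, so the 0700 mode on each profile does not help.

# Print "at-risk" if DIR is group- or world-writable and has no sticky bit:
# any user with write access can then unlink or rename entries they do not
# own. Print "protected" otherwise.
delete_risk() {
    if [ -n "$(find "$1" -prune \( -perm -020 -o -perm -002 \) ! -perm -1000 -print)" ]; then
        echo at-risk
    else
        echo protected
    fi
}

# Set the sticky bit: only the entry's owner, the directory's owner or root
# may remove or rename entries afterwards.
harden() {
    chmod +t "$1"
}

# Constructed sandbox mirroring the layout in the post: a shared parent
# directory holding one private (0700) profile directory.
demo() {
    sandbox=$(mktemp -d) || return 1
    mkdir "$sandbox/profiles" "$sandbox/profiles/emma"
    chmod 0700 "$sandbox/profiles/emma"
    chmod 0777 "$sandbox/profiles"        # assumed mode of the parent
    before=$(delete_risk "$sandbox/profiles")
    harden "$sandbox/profiles"
    after=$(delete_risk "$sandbox/profiles")
    mode=$(ls -ld "$sandbox/profiles" | cut -c1-10)
    rm -rf "$sandbox"
    echo "$before $after $mode"
}

demo
```

On the real server the same check would be run as delete_risk /home/samba/profiles, and again on the parent directory of any other share where the problem shows up.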