samba - Dec 2006 - Samba file security

I am newbie for samba configuration at security level. I have read all the
documents but could not resolve my problem.  My problem is as below and would
like your help to resolve it

I have installed Samba - 3.0.0-14 on Redhat ES 3 and everthing is working fine.
But I want that all the member can read the files and put the file on shared
folder but can not delete it.  I want to protect it from deletion.  Only the
super user of the system can delete it but not the samba users.

Please guide me on this problem.

Thanks - Naveen

On the share in smb.conf set 'read list' and 'write list' for
that
users that you want such permission.


On 12/5/06, Naveen C Joshi <naveen_joshi@intersolutions.stpn.soft.net>
wrote:
> I am newbie for samba configuration at security level. I have read all the
documents but could not resolve my problem.  My problem is as below and would
like your help to resolve it
>
> I have installed Samba - 3.0.0-14 on Redhat ES 3 and everthing is working
fine. But I want that all the member can read the files and put the file on
shared folder but can not delete it.  I want to protect it from deletion.  Only
the super user of the system can delete it but not the samba users.
>
> Please guide me on this problem.
>
> Thanks - Naveen
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
>

-- 
***
Cleber P. de Souza

I am agree with you after setting the "create mask = 0555" &
"directory mask = 0555". Newly created gets the permission of 544 see
below. I am not able to delete this from the some of the windows2kprofessional
machines its OK what I want.......But from some of the windows machines I am
able to delete the same file with same user(here k1 is the sambauser and also
the machine user).

-r-xr--r--    1 k1       system        273 Nov 23 13:54 cm.txt

I also changed the force owner & force group. But it didn't help, the
owner who is posting the file is deleting the same file, which I don't want.

 [ My requirement : anyone(valid user) can post the file in samba share, but not
delete/modify that file ]

We are using 
Redhat Linux ES 3
Samba - 3.0.0-14 
  ----- Original Message ----- 
  From: Matt Skerritt 
  To: Naveen C Joshi 
  Cc: samba@lists.samba.org 
  Sent: Wednesday, December 06, 2006 7:58 PM
  Subject: Re: [Samba] Samba file security




  On 07/12/2006, at 12:42 AM, Naveen C Joshi wrote:


    I have created the "read list" and "write list", but I
want that "write list" members also can not delete the files once they
upload it on samba server. While the "read list" members can only read
the files but can not upload files on the samba server.





  Hmmm ... do you want to them to be able to be able to change the contents of
the files, but not delete them? If so then I think it's impossible for a
filesystem that uses the posix rwx file permission bits. It may be possible if
you're using solaris with zfs, I'm not sure - I'll check on my
server later but your initial email said you were using Redhat so I guess it
doesn't matter. If you want the users to only be able to add new files (but
never change or delete old files) then just set the file create mask to make
sure that newly created files don't get write permissions, like Cleber P. de
Souza suggested in the other email.


  --
  Matt Skerritt
  matt.skerritt@agrav.net