Jason Greene wrote:> We finally got our server to migrate to the new domain.
>
> Now when we access a share anyone can write to it.
>
> I removed the write list and valid users list and restarted samba... anyone
> can still access and write to it.
>
> Can some one school me on samba permissions?
>
I don't want to sound like a jerk, but this is fairly clearly explained
in the man page.> here is the share info
>
> drwxrwsrwx 10 user group 4096 Dec 19 08:16 dev
>
> [dev]
> path = /apps/dev
> create mask = 666
> directory mask = 2777
> valid user = removed for security (a bunch of domain groups)
> write list = removed for security (a bunch of domain groups)
>
write list: This is a list of users that are given read-write access
to a
service. If the connecting user is in this list then they will be
given write access, no matter what the read only option is set
to.> writeable = yes
>
writeable: Inverted synonym for read only.
read only: If this parameter is yes, then users of a service may not create
or modify files in the service's directory.
As you can see, setting "writeable = yes" allows anyone who connects
to
write to the share (depending on unix permissions). "write list" will
overrule the "read only" ("writeable") setting on a share
for certain
users. If you remove the "writeable = yes" line it will default to
read
only and only users in the write list will be able to make changes.
*Michael Heydon - IT Administrator *
michaelh@jaswin.com.au <mailto:michaelh@jaswin.com.au>