Hi,
I have an Ubuntu server acting as PDC on a LAN whose client
have WIN Xp professional installed.
Domain's users are divided into different groups. Let's
focus on only two of them, say group1 and group2.
Now I have a share defined in smb.conf as follows:
[shareName]
comment = shareName
path = /home/ut/shareName
read only = No
guest ok = no
create mask = 0665
directory mask = 0770
force group = group1
Access rights for shareName are : rwxrwxr-x.
There's a subdir of shareName whose access rights are:
rwxrwx---
I'd like that no one not belonging to group1 could access to this subdir.
Unfotunately, accessing from a win xp client, users belonging to group2
could visit and listing the subdir.
Surprisingly, this doesn't occurs if I modify the subdir's access rights
so
that they become: rwx---r-x.
It seems like group access specification were swapped with others access
ones, but I can't understand why.
Of course I'd like to have a more consistent behaviour. Is there something
I'm missing?
Otherwise, how can I do to fix what looks like a mistake?
Thanks in advance
Marco
On Fri, Aug 07, 2009 at 11:24:41PM +0200, Marco Lovadina wrote:> Hi, > > I have an Ubuntu server acting as PDC on a LAN whose client > have WIN Xp professional installed. > > Domain's users are divided into different groups. Let's > focus on only two of them, say group1 and group2. > > Now I have a share defined in smb.conf as follows: > > > > [shareName] > > comment = shareName > > path = /home/ut/shareName > > read only = No > > guest ok = no > > create mask = 0665 > > directory mask = 0770 > > force group = group1 > > > > Access rights for shareName are : rwxrwxr-x. > > There's a subdir of shareName whose access rights are: > rwxrwx--- > > > > I'd like that no one not belonging to group1 could access to this subdir. > > Unfotunately, accessing from a win xp client, users belonging to group2 > could visit and listing the subdir. > > Surprisingly, this doesn't occurs if I modify the subdir's access rights so > that they become: rwx---r-x. > > It seems like group access specification were swapped with others access > ones, but I can't understand why. > > Of course I'd like to have a more consistent behaviour. Is there something > I'm missing? > > Otherwise, how can I do to fix what looks like a mistake?Need more info. What are the ownerships on those directories ? FYI. PLEASE DON'T JUST REPLY TO ME. Please reply to the list. Many people send emails directly to me once I've replied on-list, and I don't have any bandwidth to do a private conversation and summarize on list. Thanks, Jeremy.
Maybe Matching Threads
- insertion of a row between individuals
- No write permission if POSIX bits 0 on ZFS written by M$ Office - dos_mode returning r
- Reclassify string values
- negative p-values from fisher's test (PR#7801)
- missing level of a nested factor results in an NA in lm output