Greetings list- I have a Samba-centric question to ask. I have a particular user who claims Samba has the ability to allow users to create/edit/modify existing files of a share but NOT delete them. To my knowledge, the aforementioned permissions require the user to have write access to the share which *ALSO* gives them the ability to delete files as well. The Samba server is nothing special, simply the latest Samba running on CentOS 5, ext3 filesystem. I''ve been around and around on this topic and I''m just hoping someone can give me a little sanity by confirming ''yay or nay'' whether this is possible or not. --Tim
on 2-19-2009 11:54 AM Tim Nelson spake the following:> Greetings list- > > I have a Samba-centric question to ask. I have a particular user who claims Samba has the ability to allow users to create/edit/modify existing files of a share but NOT delete them. To my knowledge, the aforementioned permissions require the user to have write access to the share which *ALSO* gives them the ability to delete files as well. > > The Samba server is nothing special, simply the latest Samba running on CentOS 5, ext3 filesystem. > > I''ve been around and around on this topic and I''m just hoping someone can give me a little sanity by confirming ''yay or nay'' whether this is possible or not. > > --TimIt is possible that a user can create a file that another user can''t delete. But a user should be able to delete anything he/she created. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don''t!!!! -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 258 bytes Desc: OpenPGP digital signature Url : http://lists.centos.org/pipermail/centos/attachments/20090219/299576d5/attachment.bin
Tim Nelson wrote:> I''ve been around and around on this topic and I''m just hoping someone can > give me a little sanity by confirming ''yay or nay'' whether this is possible > or not.It may be possible to prevent them from deleting a file, but if they have write access it wouldn''t be possible from effectively deleting the file by wiping it''s contents(truncating it). nate
On Thu, Feb 19, 2009 at 12:15 PM, nate <centos at linuxpowered.net> wrote:> Tim Nelson wrote: > >> I''ve been around and around on this topic and I''m just hoping someone can >> give me a little sanity by confirming ''yay or nay'' whether this is possible >> or not. > > It may be possible to prevent them from deleting a file, but if they > have write access it wouldn''t be possible from effectively deleting > the file by wiping it''s contents(truncating it). >However, file creation and deletion are functions of the directory permissions where the file resides. If a directory allows a user to write to it, they can create and delete files in that directory with reckless abandon. There are probably some intricate ways around this particular problem, but they can get pretty complicated really fast. HTH. mhr
----- "MHR" <mhullrich at gmail.com> wrote:> On Thu, Feb 19, 2009 at 12:15 PM, nate <centos at linuxpowered.net> > wrote: > > Tim Nelson wrote: > > > >> I''ve been around and around on this topic and I''m just hoping > someone can > >> give me a little sanity by confirming ''yay or nay'' whether this is > possible > >> or not. > > > > It may be possible to prevent them from deleting a file, but if > they > > have write access it wouldn''t be possible from effectively deleting > > the file by wiping it''s contents(truncating it). > > > However, file creation and deletion are functions of the directory > permissions where the file resides. If a directory allows a user to > write to it, they can create and delete files in that directory with > reckless abandon. > > There are probably some intricate ways around this particular > problem, > but they can get pretty complicated really fast. > > HTH. > > mhrI''ve been trying to devise a way around this problem and as you mentioned, it gets extremely complicated quickly. It''s even more complicated than allowing users to delete files and restoring the file from a backup set. Well, at least I don''t feel I''m going insane anymore (for now...). Thank you to all who responded. --Tim
on 2-19-2009 1:31 PM Tim Nelson spake the following:> ----- "MHR" <mhullrich at gmail.com> wrote: >> On Thu, Feb 19, 2009 at 12:15 PM, nate <centos-T6AQWPvKiI1cRAk/VAjCeQ at public.gmane.org> >> wrote: >>> Tim Nelson wrote: >>> >>>> I''ve been around and around on this topic and I''m just hoping >> someone can >>>> give me a little sanity by confirming ''yay or nay'' whether this is >> possible >>>> or not. >>> It may be possible to prevent them from deleting a file, but if >> they >>> have write access it wouldn''t be possible from effectively deleting >>> the file by wiping it''s contents(truncating it). >>> >> However, file creation and deletion are functions of the directory >> permissions where the file resides. If a directory allows a user to >> write to it, they can create and delete files in that directory with >> reckless abandon. >> >> There are probably some intricate ways around this particular >> problem, >> but they can get pretty complicated really fast. >> >> HTH. >> >> mhr > > I''ve been trying to devise a way around this problem and as you mentioned, it gets extremely complicated quickly. It''s even more complicated than allowing users to delete files and restoring the file from a backup set. Well, at least I don''t feel I''m going insane anymore (for now...). > > Thank you to all who responded. > > --TimI have enabled the recycle bin vfs object on my systems. That way a user has to really try and delete a file to make it go away. Like windows, they would have to delete it, go look in the recycle bin (that you can hide) and delete it again. It has saved me many hours of recovering stuff. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don''t!!!! -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 258 bytes Desc: OpenPGP digital signature Url : http://lists.centos.org/pipermail/centos/attachments/20090219/9c3cc652/attachment.bin
----- "Scott Silva" <ssilva at sgvwater.com> wrote:> on 2-19-2009 1:31 PM Tim Nelson spake the following: > > ----- "MHR" <mhullrich at gmail.com> wrote: > >> On Thu, Feb 19, 2009 at 12:15 PM, nate > <centos-T6AQWPvKiI1cRAk/VAjCeQ at public.gmane.org> > >> wrote: > >>> Tim Nelson wrote: > >>> > >>>> I''ve been around and around on this topic and I''m just hoping > >> someone can > >>>> give me a little sanity by confirming ''yay or nay'' whether this > is > >> possible > >>>> or not. > >>> It may be possible to prevent them from deleting a file, but if > >> they > >>> have write access it wouldn''t be possible from effectively > deleting > >>> the file by wiping it''s contents(truncating it). > >>> > >> However, file creation and deletion are functions of the directory > >> permissions where the file resides. If a directory allows a user > to > >> write to it, they can create and delete files in that directory > with > >> reckless abandon. > >> > >> There are probably some intricate ways around this particular > >> problem, > >> but they can get pretty complicated really fast. > >> > >> HTH. > >> > >> mhr > > > > I''ve been trying to devise a way around this problem and as you > mentioned, it gets extremely complicated quickly. It''s even more > complicated than allowing users to delete files and restoring the file > from a backup set. Well, at least I don''t feel I''m going insane > anymore (for now...). > > > > Thank you to all who responded. > > > > --Tim > I have enabled the recycle bin vfs object on my systems. That way a > user has > to really try and delete a file to make it go away. Like windows, they > would > have to delete it, go look in the recycle bin (that you can hide) and > delete > it again. > It has saved me many hours of recovering stuff.Ooooooo! This may indeed be a partial solution. ''Administrators'' could have access to the Recycle Bin to restore deleted items where ''users'' would not have access. Interesting... --Tim
on 2-19-2009 1:53 PM Tim Nelson spake the following:> ----- "Scott Silva" <ssilva at sgvwater.com> wrote: >> on 2-19-2009 1:31 PM Tim Nelson spake the following: >>> ----- "MHR" <mhullrich at gmail.com> wrote: >>>> On Thu, Feb 19, 2009 at 12:15 PM, nate >> <centos-T6AQWPvKiI1cRAk/VAjCeQ at public.gmane.org> >>>> wrote: >>>>> Tim Nelson wrote: >>>>> >>>>>> I''ve been around and around on this topic and I''m just hoping >>>> someone can >>>>>> give me a little sanity by confirming ''yay or nay'' whether this >> is >>>> possible >>>>>> or not. >>>>> It may be possible to prevent them from deleting a file, but if >>>> they >>>>> have write access it wouldn''t be possible from effectively >> deleting >>>>> the file by wiping it''s contents(truncating it). >>>>> >>>> However, file creation and deletion are functions of the directory >>>> permissions where the file resides. If a directory allows a user >> to >>>> write to it, they can create and delete files in that directory >> with >>>> reckless abandon. >>>> >>>> There are probably some intricate ways around this particular >>>> problem, >>>> but they can get pretty complicated really fast. >>>> >>>> HTH. >>>> >>>> mhr >>> I''ve been trying to devise a way around this problem and as you >> mentioned, it gets extremely complicated quickly. It''s even more >> complicated than allowing users to delete files and restoring the file >> from a backup set. Well, at least I don''t feel I''m going insane >> anymore (for now...). >>> Thank you to all who responded. >>> >>> --Tim >> I have enabled the recycle bin vfs object on my systems. That way a >> user has >> to really try and delete a file to make it go away. Like windows, they >> would >> have to delete it, go look in the recycle bin (that you can hide) and >> delete >> it again. >> It has saved me many hours of recovering stuff. > > Ooooooo! This may indeed be a partial solution. ''Administrators'' could have access to the Recycle Bin to restore deleted items where ''users'' would not have access. Interesting... > > --TimAnd you can also set it to keep versions of deleted files. Pretty cool! But beware of most of the docs on the internet that mention creating a "recycle.conf" file. That option has been broken for some time, and you need to put all the definitions into smb.conf directly. Check the last post on this page for the syntax; http://ubuntuforums.org/showthread.php?t=155763&page=2 -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don''t!!!! -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 258 bytes Desc: OpenPGP digital signature Url : http://lists.centos.org/pipermail/centos/attachments/20090219/095e6b15/attachment.bin
On Thursday 19 February 2009 04:29:03 pm MHR wrote:> On Thu, Feb 19, 2009 at 12:15 PM, nate <centos at linuxpowered.net> wrote: > > Tim Nelson wrote: > >> I''ve been around and around on this topic and I''m just hoping someone > >> can give me a little sanity by confirming ''yay or nay'' whether this is > >> possible or not. > > > > It may be possible to prevent them from deleting a file, but if they > > have write access it wouldn''t be possible from effectively deleting > > the file by wiping it''s contents(truncating it). > > However, file creation and deletion are functions of the directory > permissions where the file resides. If a directory allows a user to > write to it, they can create and delete files in that directory with > reckless abandon. > > There are probably some intricate ways around this particular problem, > but they can get pretty complicated really fast.I''ve always ''enjoyed'' the solutions the samba team found for interoperability. Here''s a good reference that provides the juicy details: http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/AccessControls.html Makes me shudder just to read it again . . . A => > HTH. > > mhr > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos-- This message has been scanned for viruses and dangerous content by Avantel Systems, and is believed to be clean.
Tim Nelson wrote on Thu, 19 Feb 2009 13:54:41 -0600 (CST):> I have a particular user who > claims Samba has the ability to allow users to create/edit/modify > existing files of a share but NOT delete them.Not samba-specific. The sticky bit could help in this if I recall right. If you regularly reown the files to root users will still be able to create and edit, but not delete (unless in the short time until next reown). There might also be extended ACL that could do that. And setgid might be able to help in this mix as well. Kai -- Kai Sch?tzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com
> I''ve always ''enjoyed'' the solutions the samba team found for > interoperability. > Here''s a good reference that provides the juicy details: > > http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/AccessControls.html > > Makes me shudder just to read it again . . . > > A > =>Ugh. Well, I did find an ''interesting'' paragraph from the page you referencedthat seems to sum up my problem: --BEGIN-- Protecting Directories and Files from Deletion People have asked on the Samba mailing list how is it possible to protect files or directories from deletion by users. For example, Windows NT/2K/XP provides the capacity to set access controls on a directory into which people can write files but not delete them. It is possible to set an ACL on a Windows file that permits the file to be written to but not deleted. Such concepts are foreign to the UNIX operating system file space. Within the UNIX file system anyone who has the ability to create a file can write to it. Anyone who has write permission on the directory that contains a file and has write permission for it has the capability to delete it. --END-- --Tim
Tim Nelson wrote:> >>> It may be possible to prevent them from deleting a file, but if >> they >>> have write access it wouldn''t be possible from effectively deleting >>> the file by wiping it''s contents(truncating it). >>> >> However, file creation and deletion are functions of the directory >> permissions where the file resides. If a directory allows a user to >> write to it, they can create and delete files in that directory with >> reckless abandon. >> >> There are probably some intricate ways around this particular >> problem, >> but they can get pretty complicated really fast. >> > > I''ve been trying to devise a way around this problem and as you mentioned, it gets extremely complicated quickly. It''s even more complicated than allowing users to delete files and restoring the file from a backup set. Well, at least I don''t feel I''m going insane anymore (for now...). > > Thank you to all who responded.If you really want a versioning facility where you can commit things to a repository in a way that any version ever committed can be recalled, look at subversion or similar systems (and use the server setup, don''t let users have write access through the filesystem). There are cross platform tools for subversion that you can use instead of samba. If nightly backups are sufficient, look at backuppc (http://backuppc.sourceforge.net/). It makes the restores as simple as selecting what you want in a web interface and is very efficient with the required on-line disk space. -- Les Mikesell lesmikesell at gmail.com