Hi All, Can somebody help me set this up. I'm trying to set up a public folder on my SAMBA server which will let my users create their own folders to store their files. And not let everyone delete them. Following are the problems I'm having: 1) If I set the directory rights to 755 on /exports and share the /exports/public directory with ~/public set to 755 Users can't create folders under ~/public. 2) If I set the directory rights to 777 they can create folders. But everybody can delete them. That is even if they change permissions To read only through windows. Here's my smb,conf settings [global] workgroup = projects guest account = guest browseable = yes domain controller = 172.17.17.17 password server = nt_pdc security = server log level = 2 log file = /logs/sambalogs/log.%m password level = 9 encrypted password = yes lock directory = /lock/sambalocks remote announce = 172.17.17.255/projects wins server = nt_wins strict locking = yes server string = SAMBA1 [public] comment = public path = /export/public browseable = yes public = yes guest account = guest guest ok = yes read only = no locking = yes write list = @myguys create mode = 0655 printable = no mangled names = yes Can somebody tell me what I'm missing or doing wrong. Thanks in advance Than
You must set the sticky bit (chmod 1777). Then only the owner of ~/public and the owner of the created directory are able to delete it. -Erwin On Samstag, 13. September 1997 00:33, Maung, Than wrote:> Hi All, > > Can somebody help me set this up. > > > I'm trying to set up a public folder on my SAMBA server which will let > my users create their own folders to store their files. > And not let everyone delete them. > Following are the problems I'm having: > > 1) If I set the directory rights to 755 on /exports and share the > /exports/public directory with ~/public set to 755 > > Users can't create folders under ~/public. > > 2) If I set the directory rights to 777 they can create folders. > But everybody can delete them. That is even if they change permissions > To read only through windows. >-- Erwin Authried Softwareentwicklung und Systemdesign
Maung, Than wrote:> > I'm trying to set up a public folder on my SAMBA server which will let > my users create their own folders to store their files. > And not let everyone delete them.I ended up doing something similar but was concerned about name collisions within the top level. That is, what happens if two people both want to have a file or folder called "foo"? Instead I create a unique share within the public folder (called "scratch") for each user on the fly. Here's how I set this up. First the share definition: [scratch] guest ok = no path = /scratch/%u read only = no root preexec = /var/local/etc/scratch.preexec %u %g The scratch.preexec script makes sure that /scratch/%u exists and sets the correct ownership permissions. Here's what the script looks like: #!/bin/sh exec >> /dev/null 2>&1 ntuser=$1 group=$2 umask 22 if [ ! -d /scratch/${ntuser} ] then mkdir /scratch/${ntuser} chown ${ntuser}:${group} /scratch/${ntuser} fi exit 0 The only drawback in this scheme is that users can not easily access each other's scratch files. I hope this helps. Christopher Kranz clk@cs.princeton.edu -- Christopher Kranz | Systems Programmer | clk@CS.Princeton.EDU 35 Olden St., Room 211 | Computer Science Dept. | Voice: 609-258-1747 Princeton, NJ 08544-2087 | Princeton University | FAX: 609-258-1771 ==========================PGP V2.6.2 key available=======================
Try setting the "sticky bit" on /exports/public: chmod 1777 /exports/public This wil prevent others than owner from deleting files in /exports/public. Heinrich Rebehn University of Bremen Physics / Electrical and Electronics Engineering - Department of Telecommunications - E-mail: mailto:rebehn@comm.uni-bremen.de Phone : +49/421/218-4664 Fax : -3341
I have a problem. I am not sure if this is possible but I will ask anyway. When I log into a samba server from a windows98 client everything works fine. I map a drive to my home directory and that to works fine. My question is when in that folder, is there a way to edit the permissions on the folders within on the linux level. My delima: I have a Professor who wants her class to be able to write but not read to one folder.(so they can not see each others papers) She want another folder full access, and the other folder to be read only. Now creating folders with these permissions is not hard by any means for me. Her question was is there a way to change the permissions to these files at any given time. She will be logging in from a window98 client. I can not see any way to change permissions. Any ideas?? Wayned Dozier Greensboro College Network Administrator
At 15:04 18/12/01 -0500, you wrote:>I have a problem. I am not sure if this is possible but I >will ask anyway. When I log into a samba server from a >windows98 client everything works fine. I map a drive to my >home directory and that to works fine. My question is when >in that folder, is there a way to edit the permissions on >the folders within on the linux level. > >My delima: >This appears to be a common "problem" in school networks :-) I solved the problem indirectly using a C program and a cron job - described below, and Andrew Bartlett solved the problem using a Web based solution. I have attached a copy of a previous email with the details of both here. If you want the C source let me know - I will send it on, if Andrews Solution would fit better you would need to contact him Richard S /*** Previous Email *****/> >Does anyone know how to set a WRITE only share for one group of users but a > >second group has both read and write permission on the same share? What to > >enable students to submit assignments to a common share but teachers have > >the ability to read from the same share. > > > > > >Thanks for your help > > > >Andrew Minett > >-- > > > > I tried to do this, but found that Win9x made it impossible to do Write > permission automatically implies read permission. What I did do was > > Create a share for pupils to put homework into > Run a small app that runs as a cron job every minute that takes all files > from the homework share and all sub-directories and moves them > to another share (and matching sub-directories) accessible by teachers > only. The app pre-pends a date/time stamp to the filename as well ie > Homework.doc becomes 1203_0401_Homework.doc in the teachers share > > This approach solved a couple of related problems:- > > Stops pupils overwriting files by another pupil they could not see on a > write only share > If the work is submitted more than once, the date/time stamp shows the > submissions as separate files > By moving them (and changing permissions) the files became completely > unavailable to the pupils 1 min or so after submission preventing then from > changing them. > > If this is of any use to you I would be happy to send the C source code > directly - or make it available to anyone else that had a use for it as > well :-)Andrew Bartletts Solution.... My solution to this problem was web-based: Setup a file-upload form that also checked username and password, dumping the file in a samba-accessable location (symlinked into the teachers home dir).>I have a Professor who wants her class to be able to write >but not read to one folder.(so they can not see each others >papers) She want another folder full access, and the other >folder to be read only. > >Now creating folders with these permissions is not hard by >any means for me. Her question was is there a way to change >the permissions to these files at any given time. > >She will be logging in from a window98 client. I can not >see any way to change permissions. Any ideas?? > >Wayned Dozier >Greensboro College >Network Administrator > >-- >To unsubscribe from this list go to the following URL and read the >instructions: http://lists.samba.org/mailman/listinfo/samba > >
How do you prevent the cron job solution from copying only part of the file, if it happens to be run while the file is being written? -----Original Message----- From: Richard Smart [mailto:rsmart@netaccess.co.nz] Sent: Wednesday, December 19, 2001 5:30 AM To: Wayne Dozier Cc: samba@lists.samba.org Subject: Re: Folder Permissions At 15:04 18/12/01 -0500, you wrote:>I have a problem. I am not sure if this is possible but I >will ask anyway. When I log into a samba server from a >windows98 client everything works fine. I map a drive to my >home directory and that to works fine. My question is when >in that folder, is there a way to edit the permissions on >the folders within on the linux level. > >My delima: >This appears to be a common "problem" in school networks :-) I solved the problem indirectly using a C program and a cron job - described below, and Andrew Bartlett solved the problem using a Web based solution. I have attached a copy of a previous email with the details of both here. If you want the C source let me know - I will send it on, if Andrews Solution would fit better you would need to contact him Richard S /*** Previous Email *****/> >Does anyone know how to set a WRITE only share for one group of users buta> >second group has both read and write permission on the same share? Whatto> >enable students to submit assignments to a common share but teachers have > >the ability to read from the same share. > > > > > >Thanks for your help > > > >Andrew Minett > >-- > > > > I tried to do this, but found that Win9x made it impossible to do Write > permission automatically implies read permission. What I did do was > > Create a share for pupils to put homework into > Run a small app that runs as a cron job every minute that takes all files > from the homework share and all sub-directories and moves them > to another share (and matching sub-directories) accessible by teachers > only. The app pre-pends a date/time stamp to the filename as well ie > Homework.doc becomes 1203_0401_Homework.doc in the teachers share > > This approach solved a couple of related problems:- > > Stops pupils overwriting files by another pupil they could not see on a > write only share > If the work is submitted more than once, the date/time stamp shows the > submissions as separate files > By moving them (and changing permissions) the files became completely > unavailable to the pupils 1 min or so after submission preventing thenfrom> changing them. > > If this is of any use to you I would be happy to send the C source code > directly - or make it available to anyone else that had a use for it as > well :-)Andrew Bartletts Solution.... My solution to this problem was web-based: Setup a file-upload form that also checked username and password, dumping the file in a samba-accessable location (symlinked into the teachers home dir).>I have a Professor who wants her class to be able to write >but not read to one folder.(so they can not see each others >papers) She want another folder full access, and the other >folder to be read only. > >Now creating folders with these permissions is not hard by >any means for me. Her question was is there a way to change >the permissions to these files at any given time. > >She will be logging in from a window98 client. I can not >see any way to change permissions. Any ideas?? > >Wayned Dozier >Greensboro College >Network Administrator > >-- >To unsubscribe from this list go to the following URL and read the >instructions: http://lists.samba.org/mailman/listinfo/samba > >-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba