samba - Jan 2001 - Problem with permissions in samba 2.0.7 (umask?)

Dear All,

I've installed samba over linux, and after sucessfully defined some shares, 
I've come accross to a very annoying problem...

I have a share named "prd", where product info is stored there. This
share
is visible to all people at my department, writable, and that's fine...

However, I need that any user be able to modify, create, and even delete 
the files in that share, no matter who was the original user (owner) that 
created that folder or files...

I've modified the /etc/profile script, so now every user has a "umask
002"
set up when logged on... With this behavior, if my user X telnet to the 
server, and create a file inside the directory of the share, this file will 
be correctly umasked (002) so the file will be "rw-rw-r--"; i.e., 
group-writable...

However, if this same user X creates this very same file, this time from 
Windows (95/98), it will be created with umask=022, instead of 002... 
(permissions will be rw-r--r--).

I've read the docs., and in the smb.conf man page it clearly states:::
-------
Note  that the access rights granted by the server are masked by the access 
rights granted to the specified or guest UNIX user by the host system. The 
server does not grant more access than the host system grants.
-------
What I understood from here, is that samba doesn't do anything with 
permissions, but relies on the unix... well, my unix working fine, but 
samba doesn't....

BTW, my share definition is:.

[prd]
    comment = Informacion de Productos AMR
    path = /home/prd
    read only = no
    public = yes

Anything I've done wrong?

Thanks a lot,

Leo

Leonardo,
There are several smb.conf parameters that control the max permissions that
a file is created with when created on a share accessed by some smb client
like win98,98 or NT.
These will not override your UNIX umask 002, but will allow your files to be
created with those permissions; check out the following parameters:
create mask
force create mask
and 
create mode

this determines what unix permissions will be given (subject to the UNIX
umask, which will limit these masks)
when a file is created thru samba from a client.
Hope this helps; you can read more about them in the man page for smb.conf,
or in the "Using Samba" book by O'Reilly - an invaluable text for
anyone
setting up or administering a Samba server....
don

-----Original Message-----
From: Leonardo Lagos [mailto:llagos@amr.cl]
Sent: Tuesday, January 30, 2001 16:08
To: 'samba@lists.samba.org'
Subject: Problem with permissions in samba 2.0.7 (umask?)
Importance: High


Dear All,

I've installed samba over linux, and after sucessfully defined some shares, 
I've come accross to a very annoying problem...

I have a share named "prd", where product info is stored there. This
share
is visible to all people at my department, writable, and that's fine...

However, I need that any user be able to modify, create, and even delete 
the files in that share, no matter who was the original user (owner) that 
created that folder or files...

I've modified the /etc/profile script, so now every user has a "umask
002"
set up when logged on... With this behavior, if my user X telnet to the 
server, and create a file inside the directory of the share, this file will 
be correctly umasked (002) so the file will be "rw-rw-r--"; i.e., 
group-writable...

However, if this same user X creates this very same file, this time from 
Windows (95/98), it will be created with umask=022, instead of 002... 
(permissions will be rw-r--r--).

I've read the docs., and in the smb.conf man page it clearly states:::
-------
Note  that the access rights granted by the server are masked by the access 
rights granted to the specified or guest UNIX user by the host system. The 
server does not grant more access than the host system grants.
-------
What I understood from here, is that samba doesn't do anything with 
permissions, but relies on the unix... well, my unix working fine, but 
samba doesn't....

BTW, my share definition is:.

[prd]
    comment = Informacion de Productos AMR
    path = /home/prd
    read only = no
    public = yes

Anything I've done wrong?

Thanks a lot,

Leo