Hi all,
I like to restrict the access to certain files in a samba share via Linux file
permissions.
During configuration i encountered a problem, which puzzels me. I want to
restrict a
subtree of a share to a certain unix group and another subtree of this subtree
to
another group, which is a subset of the first. In effect this looks like this:
directory a (suid group x)
subdirectories b (suid group x) c (suid group y)
with a, b belonging to group x and c to group y, all members of x are also
members
of y. The Linux-permissions are set to 2775, the suid bit for the groups is set.
The
permissions for files are set to 660.
Now comes the problem:
If a user, who is member in both, group x and y wants to modify a file created
by
antother user. In directory a and b this works fine, the user has readwrite
access to
the file. In subtree c however the user has no permissions to access the file.
Needless to say accessing the same files from linux, everything works fine.
Here is the configuration of my share:
comment = grptest
path = /taskit/testshare
guest account = nobody
valid users = @x, @y
read only = No
create mask = 0660
directory mask = 775
force create mode = 0660
force directory mode = 02775
inherit permissions = No //changing this parameter didn't change
anything
delete readonly = Yes
The map archive etc directives are all set to no. I use samba version 2.21a.
Extensive logging didn't show anything informative in regard to this
problem. In Level
3 the attempt to access the file wasn't recorded at all. Any pointer for
solving this
problem would be nice, Is it maybe not possible to handle it this way?
thx
achim