Seah, Michelle C
2002-May-09 23:21 UTC
[Samba] How do i set different permission for a shared directory?
Hello,
Would really appreciate any advise on how the security setting should be
setup.
I have running Samba ver 2.0.7 on HPUX10.20. Clients run Windows 200 PCs,
WinNT4 PDC.
"docusers" is the UNIX home directory for document users. their
individual
home dir is created under their user id.
so, Paul 's home directory structure is :
/docusers/paul
Below is an extract from the smb.conf file.
[homedir]
comment = Private Unix file area (%u)
path = %H
writeable = Yes
create mask = 0750
strict locking = Yes
{Doc_Users]
path = /docusers
valid users = @docu
With the above, users with UNIX a/c in the docu group can only read all the
subdirectories under docusers which is mapped as a dir (eg. L:/Doc_Users) in
their PC's Windows Explorer .
Now, the requirement is for all users to be able to read all the directories
under /Doc_Users but be able to write only to his own home directory in the
same drive mapped (L:).
I have looked at the samba config file via SWAT but is not very sure how to
make this happens. In the advanced view, there is additional options for a
write list and read list. The help says this field can include userid or
group (@docu), but what is the equivilent of the %u - that is the user id?).
Really appreciate any advise.
Thank You.
Michelle
Thierry ITTY
2002-May-10 07:02 UTC
[Samba] How do i set different permission for a shared directory?
the simpliest way would be to let unix permission system do the job have only one share : /docusers each user is connected under its own name (both windows and unix sense) its home dir is writable for him all the dirs are readable by the docu group all you have to do is to set the same primary group for all the users you would have : user "paul", primary group "docu", home /docusers/paul user "peter", primary group "docu", home /docusers/peter ... drwxr-xr-x root docu /docusers drwxr-x--- paul docu /docusers/paul drwxr-x--- peter docu /docusers/peter ... [Doc_Users] path = /docusers writable = yes on the unix side, samba shares /docusers without any restriction, access permissions are handled at the os level on the windows side, users connect to only one share, Doc_Users, in which they are all able to read all files but can't write only in their own directory of course this supposes you have no other constraints that would prohibit such a configuration... hth A 01:18 10/05/02 -0500, vous avez ?crit :>Hello, > >Would really appreciate any advise on how the security setting should be >setup. > >I have running Samba ver 2.0.7 on HPUX10.20. Clients run Windows 200 PCs, >WinNT4 PDC. > >"docusers" is the UNIX home directory for document users. their individual >home dir is created under their user id. >so, Paul 's home directory structure is : > >/docusers/paul > >Below is an extract from the smb.conf file. >[homedir] > comment = Private Unix file area (%u) > path = %H > writeable = Yes > create mask = 0750 > strict locking = Yes > >{Doc_Users] > path = /docusers > valid users = @docu > >With the above, users with UNIX a/c in the docu group can only read all the >subdirectories under docusers which is mapped as a dir (eg. L:/Doc_Users) in >their PC's Windows Explorer . > >Now, the requirement is for all users to be able to read all the directories >under /Doc_Users but be able to write only to his own home directory in the >same drive mapped (L:). > >I have looked at the samba config file via SWAT but is not very sure how to >make this happens. In the advanced view, there is additional options for a >write list and read list. The help says this field can include userid or >group (@docu), but what is the equivilent of the %u - that is the user id?). > > >Really appreciate any advise. > >Thank You. >Michelle > >-- >To unsubscribe from this list go to the following URL and read the >instructions: http://lists.samba.org/mailman/listinfo/samba > >- * - * - * - * - * - * - Bien s?r que je suis perfectionniste ! Mais ne pourrais-je pas l'?tre mieux ? Thierry ITTY eMail : Thierry.Itty@Besancon.org FRANCE