I have a question with regards to using Unix groups with samba. This might be easier to explain with an example. Lets say I have two users UserID: GID UserA:Group1 UserB:Group2 etc..... I now have an entry in /etc/group that looks like groupdev::UserA, UserB If I have a directory with group ownership set to "groupdev" and group mode "rws" UserA & UserB cannot create a file in the share on their Windows machine. But if they connect to the Unix host, no problem. Does Samba understand user lists for group permissioning? Thanks, Brett Bartick VP Corporate Technology Nomura Securities International, Inc. 2 World Financial Center New York, NY 10281 ----- This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please delete it and all copies from your system, destroy any hard copies and notify the sender. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. Nomura Holding America Inc., Nomura Securities International, Inc, and their respective subsidiaries each reserve the right to monitor all e-mail communications through its networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorized to state the views of such entity. Unless otherwise stated, any pricing information in this message is indicative only, is subject to change and does not constitute an offer to deal at any price quoted. Any reference to the terms of executed transactions should be treated as preliminary only and subject to our formal written confirmation.
mkh01@earthlink.net
2002-May-10 14:54 UTC
[Samba] Unix Group Question with repect to Samba
I've set things up almost exactly like that before, with no problems. Did you set the share to be writable in smb.conf? If the share is configured to be read-only it would show the behavior you describe. On Fri, May 10, 2002 at 05:31:55PM -0400, Bartick, Brett wrote:> I have a question with regards to using Unix groups with samba. This might > be easier to explain with an example. > > Lets say I have two users > > UserID: GID > UserA:Group1 > UserB:Group2 > > etc..... > > I now have an entry in /etc/group that looks like > > groupdev::UserA, UserB > > If I have a directory with group ownership set to "groupdev" and group mode > "rws" > UserA & UserB cannot create a file in the share on their Windows machine. > But if they connect to the Unix host, no problem. > Does Samba understand user lists for group permissioning?-- That feeling just came over me. -- Albert DeSalvo, the "Boston Strangler"
On Fri, May 10, 2002 at 05:31:55PM -0400, Bartick, Brett wrote:> I have a question with regards to using Unix groups with samba. This might > be easier to explain with an example. > > Lets say I have two users > > UserID: GID > UserA:Group1 > UserB:Group2 > > etc..... > > I now have an entry in /etc/group that looks like > > groupdev::UserA, UserB > > If I have a directory with group ownership set to "groupdev" and group mode > "rws" > UserA & UserB cannot create a file in the share on their Windows machine. > But if they connect to the Unix host, no problem. > Does Samba understand user lists for group permissioning?Yes, Samba should load the primary and supplementary groups into the user security context. There must be something else wrong in the setup on that share. Can you post your smb.conf ? Thanks, Jeremy.
Well, I now feel like I have egg on my face! After getting two responses that mentioned this should work I rebooted my PC where I have been testing this. That seemed to fix the problem. I can now use a user list for groups (which is totally awesome). Sorry to bother the list with such a trivial problem but I really didn't see any mention of this in the manual or in a quick scan through the archives. Reagrds, Brett Bartick VP Corporate Technology Nomura Securities International, Inc. 2 World Financial Center New York, NY 10281 -----Original Message----- From: jra@samba.org [mailto:jra@samba.org] Sent: Friday, May 10, 2002 5:59 PM To: Bartick, Brett Cc: 'samba@lists.samba.org' Subject: Re: [Samba] Unix Group Question with repect to Samba On Fri, May 10, 2002 at 05:31:55PM -0400, Bartick, Brett wrote:> I have a question with regards to using Unix groups with samba. This might > be easier to explain with an example. > > Lets say I have two users > > UserID: GID > UserA:Group1 > UserB:Group2 > > etc..... > > I now have an entry in /etc/group that looks like > > groupdev::UserA, UserB > > If I have a directory with group ownership set to "groupdev" and groupmode> "rws" > UserA & UserB cannot create a file in the share on their Windows machine. > But if they connect to the Unix host, no problem. > Does Samba understand user lists for group permissioning?Yes, Samba should load the primary and supplementary groups into the user security context. There must be something else wrong in the setup on that share. Can you post your smb.conf ? Thanks, Jeremy. ----- This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please delete it and all copies from your system, destroy any hard copies and notify the sender. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. Nomura Holding America Inc., Nomura Securities International, Inc, and their respective subsidiaries each reserve the right to monitor all e-mail communications through its networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorized to state the views of such entity. Unless otherwise stated, any pricing information in this message is indicative only, is subject to change and does not constitute an offer to deal at any price quoted. Any reference to the terms of executed transactions should be treated as preliminary only and subject to our formal written confirmation.