Hello,
I have an annoying little issue. I am currently running Samba 2.2.5-10
as a Primary Domain Controller and have a number of shared drives with a
variety of differing users and user rights all over the place.
In my smb.conf file, I have the following share:
[emergpo]
path = /share/purchasing/emergpo
force directory mode = 0770
create mode = 0770
writeable = yes
force create mode = 0770
directory mode = 0770
user = @emergpo
force group = @emergpo
valid users = @emergpo
comment = For Emergency Purchase Orders
wide links = no
write list = @emergpo
Now, from what I understand any new files that are created within this
share should have the ownership be the following <username>:emergpo.
Unfortunately, that is not happening, what is happening is that both the
user and the group ownership bit are set to the creator of the file.
Which is HIGHLY annoying since my phone is often inundated with calls
asking why they can't access a file located on said drive.
I do know that if I were to set the permissions of all files to be 0777
then everyone with access to that drive will be able to do whatever they
need to those files. Unfortunately, that is not what I wish to see in my
Samba configuration.
Is this something that would be "fixed" if I were to update to a
newer
release of Samba? I know that I should be updating to 2.2.7 to avoid the
recent security issue. However, none of my users have the skills to even
attempt simple hacks, let alone the slightly complex hack that is fixed
with 2.2.7. I also have to many other things going on right this instant
to test a 2.2.7 upgrade.
Any pointers anyone has would be wonderful. Thanks for the assistance.
Regards,
Robert Adkins II
IT Manager/Buyer
Impel Industries, Inc.
Ph. 586-254-5800
Fx. 586-254-5804
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday 06 December 2002 06:36 pm, Robert Adkins wrote:> [emergpo] > path = /share/purchasing/emergpo > valid users = @emergpo> Now, from what I understand any new files that are created within this > share should have the ownership be the following <username>:emergpo. > Unfortunately, that is not happening, what is happening is that both the > user and the group ownership bit are set to the creator of the file. > Which is HIGHLY annoying since my phone is often inundated with calls > asking why they can't access a file located on said drive.Hi there, the usual solution that i enforce is (for your case): # cd /share/purchasing # chgrp -R emergpo emergpo # chmod g+s emergpo This will result to the group ownership to be propagated to every directory/file created - -- Dimitrios Stergiou System, Network and Security Administration Group Intracom S.A DISCLAIMER: Funny signature follows - ----------------------------------- Behind every great man, there is a woman -- urging him on. -- Harry Mudd, "I, Mudd", stardate 4513.3 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE98NTTcAv8apx8VeARAli4AJ9A1WHBIgyMqZQ1gOVZnqE9AWxmnQCeILky TuNPfbL40vYdxzLkFeDOEF0=bW6j -----END PGP SIGNATURE-----
Henry,
I gave that a go and it didn't do the trick. Thanks for the quick
response though.
Regards,
Robert Adkins II
IT Manager/Buyer
Impel Industries, Inc.
Ph. 586-254-5800
Fx. 586-254-5804
-----Original Message-----
From: Henry, Brad ERM [mailto:BHenry@serm.gov.sk.ca]
Sent: Friday, December 06, 2002 10:38 AM
To: Robert Adkins
Subject: RE: [Samba] New files and directories
force group = emergpo should do it, as opposed to
force group = @emergpo
you might also be having probs with using
user = @emergpo
valid users = @emergpo
write list = @emergpo
try with just valid users = @emergpo
good luck!
-----Original Message-----
From: Robert Adkins [mailto:raa@impelind.com]
Sent: Friday, December 06, 2002 10:36 AM
To: samba@lists.samba.org
Subject: [Samba] New files and directories
Hello,
I have an annoying little issue. I am currently running Samba
2.2.5-10
as a Primary Domain Controller and have a number of shared drives with a
variety of differing users and user rights all over the place.
In my smb.conf file, I have the following share:
[emergpo]
path = /share/purchasing/emergpo
force directory mode = 0770
create mode = 0770
writeable = yes
force create mode = 0770
directory mode = 0770
user = @emergpo
force group = @emergpo
valid users = @emergpo
comment = For Emergency Purchase Orders
wide links = no
write list = @emergpo
Now, from what I understand any new files that are created within
this
share should have the ownership be the following <username>:emergpo.
Unfortunately, that is not happening, what is happening is that both the
user and the group ownership bit are set to the creator of the file.
Which is HIGHLY annoying since my phone is often inundated with calls
asking why they can't access a file located on said drive.
I do know that if I were to set the permissions of all files to be
0777
then everyone with access to that drive will be able to do whatever they
need to those files. Unfortunately, that is not what I wish to see in my
Samba configuration.
Is this something that would be "fixed" if I were to update to a
newer
release of Samba? I know that I should be updating to 2.2.7 to avoid the
recent security issue. However, none of my users have the skills to even
attempt simple hacks, let alone the slightly complex hack that is fixed
with 2.2.7. I also have to many other things going on right this instant
to test a 2.2.7 upgrade.
Any pointers anyone has would be wonderful. Thanks for the
assistance.
Regards,
Robert Adkins II
IT Manager/Buyer
Impel Industries, Inc.
Ph. 586-254-5800
Fx. 586-254-5804
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
Dimitrios, Thank you thank you thank you! That answer worked perfectly! It's odd that I hadn't come across the chmod g+s command previously. I had spent some time learning the permissions on a UNIX system. I never recall seeing that option. Again, thanks for the assistance! Regards, Robert Adkins II IT Manager/Buyer Impel Industries, Inc. Ph. 586-254-5800 Fx. 586-254-5804 -----Original Message----- From: Dimitrios Stergiou [mailto:dste@intranet.gr] Sent: Friday, December 06, 2002 6:48 PM To: samba@lists.samba.org; Robert Adkins Subject: Re: [Samba] New files and directories -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday 06 December 2002 06:36 pm, Robert Adkins wrote:> [emergpo] > path = /share/purchasing/emergpo > valid users = @emergpo> Now, from what I understand any new files that are created within this > share should have the ownership be the following <username>:emergpo. > Unfortunately, that is not happening, what is happening is that boththe> user and the group ownership bit are set to the creator of the file. > Which is HIGHLY annoying since my phone is often inundated with calls > asking why they can't access a file located on said drive.Hi there, the usual solution that i enforce is (for your case): # cd /share/purchasing # chgrp -R emergpo emergpo # chmod g+s emergpo This will result to the group ownership to be propagated to every directory/file created - -- Dimitrios Stergiou System, Network and Security Administration Group Intracom S.A DISCLAIMER: Funny signature follows - ----------------------------------- Behind every great man, there is a woman -- urging him on. -- Harry Mudd, "I, Mudd", stardate 4513.3 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE98NTTcAv8apx8VeARAli4AJ9A1WHBIgyMqZQ1gOVZnqE9AWxmnQCeILky TuNPfbL40vYdxzLkFeDOEF0=bW6j -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba