Hi all, I have a Samba 3.0.13 with ACL support running under SuSE and acting as a PDC for the hole organization. Among some shares, there's one that has about ten subdirectories. Everybody can access this share and restrictions are applied over those subdirs. The problem is that, for example, when I create a file (or modify it with Word or Exel) in the Finances subdirectory, the file has my primary group as GID (Technology, in this case). What I need to do is to force Samba to create files with a specific GID for each of those subdirectories. I know if I had one share for each subdirectory, this would be done with "force group" in smb.conf under each share, but I have to maintain the "one share, N subdirectories" structure. Is there any way to reach this behavior? Thanks in advance, Sebastian
Hello ljerem, Monday, June 13, 2005, 6:34:03 PM, you wrote: lfua> The problem is that, for example, when I create a file (or modify it with lfua> Word or Exel) in the Finances subdirectory, the file has my primary group lfua> as GID (Technology, in this case). lfua> What I need to do is to force Samba to create files with a specific GID lfua> for each of those subdirectories. You should set the SGID bit on the directory, and make the directory owned by the right group (Finances). This should make Linux (and not Samba) create the files under the Finances directory owned by the group Finances and not your primary group as it does now. This works without ACLs, I don't know if it works with ACLs. -- Fabio "Kurgan" Muzzi
ljerem@fi.uba.ar wrote:> Hi all, > I have a Samba 3.0.13 with ACL support running under SuSE and acting as a > PDC for the hole organization. > Among some shares, there's one that has about ten subdirectories. > Everybody can access this share and restrictions are applied over those > subdirs. > > The problem is that, for example, when I create a file (or modify it with > Word or Exel) in the Finances subdirectory, the file has my primary group > as GID (Technology, in this case). > What I need to do is to force Samba to create files with a specific GID > for each of those subdirectories.Does the file just needs to include this GID in it's ACLs or does it need to be owned by that GID? The former is achieved by adding that group to the inheritable ACLs for the directory holding the file, for the latter I don't know if it is possible, AFAIK one cannot mandate ownership through ACLs and I don't know if "force group" plays well with ACL's... (just try the latter and report back if it works). HTH Paul BTW: use setfacl/getfacl from Linux or whatever your OS provides, I haven't found documentation in what way the various settings of the "permissions" dialog from W2k/XP translate through samba to posix ACLs.