Hi.
I'm sharing a ZFS (ZoL) directory through Samba. Right now I have it set
up so my user has full RWX access to everything, but for security
reasons I'd like to only allow myself to copy and read files and create
and list directories, but make it so once something is created I can't
modify it in any way other than by logging in through SSH.
I've looked at several threads in various places, but I've not seen a
definite answer on how to do this, beyond some hinting at it involving
ACLs in some unspecified way. My understanding is that ZoL doesn't
support Linux ACLs, so I'm wondering if it might be easier to just make
a modification to smbd. After all, all I'd need to do is check if a flag
for the share is set when the user attempts certain actions (e.g.
delete, rename, etc.), right? I'm thinking something like
[foo]
path = /mnt/foo
valid users = foo
available = yes
browseable = yes
writable = yes
read only = no
create only = yes ; <=
Any opinions?
Thanks.
