Am 22.01.21 um 10:25 schrieb Stefan G. Weichinger via samba:> Am 21.01.21 um 11:01 schrieb Stefan G. Weichinger via samba: > >> I now follow a howto I found: >> >> https://dr-luthardt.de/linux.htm?tip=smbtrash >> >> the idea is: >> >> * hide .Trash via "veto files" >> * share .Trash for a defined list of "valid users" as separate share >> >> looks promising, I wait for the user there to test my first draft > > To give feedback: > > they are happy for now with this approach.... until now. I get feedback that the "power user" (userC in example below) isn't able to access all the deleted files of the other users. And something about 0 bytes files in there .... I will check that in more detail later. Just for suggestions: my current config contains: [data] create mask = 0775 directory mask = 0775 force group = users inherit acls = Yes path = /mnt/data read only = No valid users = sgw userA userB [..] userX vfs objects = full_audit recycle recycle:directory_mode = 770 recycle:versions = yes recycle:keeptree = yes recycle:repository = .Trash full_audit:failure = all full_audit:success = all full_audit:priority = NOTICE full_audit:facility = LOCAL5 [data_Trash] comment = Papierkorb D path = /mnt/data/.Trash read only = No valid users = sgw userC --- userC is member of UNIX group "users" --- I assume I could/should get rid of stuff like "create mask" ? That is historical stuff from years ago, never touched because "works". Samba version 4.12.9, btw (gentoo stable ..)
On 26/01/2021 12:03, Stefan G. Weichinger via samba wrote:> Am 22.01.21 um 10:25 schrieb Stefan G. Weichinger via samba: >> Am 21.01.21 um 11:01 schrieb Stefan G. Weichinger via samba: >> >>> I now follow a howto I found: >>> >>> https://dr-luthardt.de/linux.htm?tip=smbtrash >>> >>> the idea is: >>> >>> * hide .Trash via "veto files" >>> * share .Trash for a defined list of "valid users" as separate share >>> >>> looks promising, I wait for the user there to test my first draft >> >> To give feedback: >> >> they are happy for now with this approach. > > ... until now. > > I get feedback that the "power user" (userC in example below) isn't > able to access all the deleted files of the other users. > > And something about 0 bytes files in there ....We had this recently, it is the way that Windows rename etc works, it creates a NULL file then deletes it as part of the process.> > > userC is member of UNIX group "users"If Windows is involved, then forget 'users' use 'Domain Users' (which 'users' is a member of) instead.> > --- > > I assume I could/should get rid of stuff like "create mask" ? That is > historical stuff from years ago, never touched because "works".If Windows is involved, I would remove a lot of lines from the share and then set the permissions from Windows. Rowland