[sclug] Folder Security

Scott Rixon scott at green-flag.com
Sat Oct 25 09:05:35 UTC 2003 

I think I am getting there..

I have a create mode = 0664 and directory mode = 0775 but only for the
home directories.. I can't find any default? Should I set it for my
other shares?

What is the difference between create and directory mode?

This is also not only a samba problem... When I create a file with my
Linux machine I then can't access it as another user.. If I then go and
chmod -R 777 the directory structure all is fine... How do I change the
defaults for that?

Cheers,

Scott


On Thu, 2003-03-20 at 23:41, Bob Franklin wrote:
> On Thu, 20 Mar 2003, Scott Rixon wrote:
> 
> > Quick question. I have a Linux server that has a data share for Linux
> > and windows (Via Samba). I always have problems with the permissions on
> > files and directories created in this share. I believe it to be because
> > the creator gets Owner rights and know one else gets any rights. I
> > doesn't matter if it was created in Linux or Windows.
> >
> > Is there a way of changing the default permissions from a top level so
> > that all files created have 'relaxed' permissions?
> 
> The two options you want are 'create mode' and 'directory mode'; they
> operate much like the UNIX 'umask' command but with the inverse value.
> 
> The default is actually to allow public/group read and only owner
> read/write, but I guess your distribution has overridden that (a sensible
> choice - especially for home directories).
> 
> In your smb.conf file (location depends on your installation, but try
> /etc, /etc/samba, /etc/smb, /usr/local/samba/lib) you'll find a line
> overriding the default to something like '0700' - change that to '0755'
> for public read access.  You'll need to disconnect/reconnect the share
> (restarting Samba does this and doesn't upset the Windows clients as long
> as they're not doing anything hefty with the share at the time) to pick
> up the change.
> 
> Note that it can be set globally or on a per-share basis (you may want
> locked down permissions on your home directories but more open permissions
> on a 'scratch' area).
> 
> 
> Also note that in NT4/2000/XP clients (and 98 with the NT4 client tools
> installed) you can edit the permissions using the 'right click ->
> Properties... -> Security -> Permissions' method from the Windows client,
> on each object individually).
> 
>   - Bob
> 
> 
> -- 
>  Bob Franklin <r.c.franklin at reading.ac.uk>          +44 (0)118 378 6630
>  Systems and Communications, IT Services, The University of Reading, UK
> _______________________________________________
> sclug mailing list
> sclug at sclug.org.uk
> http://www.sclug.org.uk/mailman/listinfo/sclug
>

More information about the Sclug mailing list