I am running samba on my LAN. I have a guest directory which is readable and writable by everyone.

I want to do something on this directory and that is;

I want the users only to write and read in this directory , but they should not be able to delete any file from this directory.

i.e; If a user has created a file in this directory then he should not be able to delete or replace it.

someone has told me that you have to do something with "umask" but I don't know how ?
He told me that when a file is created you should change the "umask" to change its permssion, if you know something like that then please tell me.

Please tell me how it is possible?

The “umask” is a bitmap that sets the access properties for a file (or directory). You can use it to say if a given file can be read from (= directory contents listed), written to (=new files created) or executed (= directory contents can be accessed).

Each one of these can be set independantly for just one user, just one group, or everyone else.

First cd to the directory in question.Assuming that the files are created by group “user”, what you want to do is make the files read/writable to the user group:The asterisk means “everything in this directory.” You can check this with (you want something like -***rw-*** where * can be anything).

Every file will then be marked as read-only and cannot be changed.

There's probably a way to set the default umask for new files, so you don't have to keep running this all the time.

Hope that helps,

— Robert J. Lee

I believe what you're asking for a the command ' create mode ' in samba. Goto to your smb.conf file and add ' create mode = XXXX ' where XXXX is the permissions you want to assign to the file. For example ' create mode = 0750 '.

but by doing this we cannot change the contents of the file cause it is readable but as the directory has "-rwxrwxrwx /tmp " option so we can still delete the file.
I want that once a file is created in the /tmp directory it should not be deleted.
"Remember I am asking this question for Samba not for local working"

I don't believe there's a Linux command (umask, chmod, etc) you can use to set this up. If a user can create a file, then he/she should be able to delete it. It is possible to set up an existing directory with existing files that users can write to (but not delete) but they won't be able to create a file either.

Remember that if a user can write to a file, he/she can delete all the contents of a file and save the empty file, wouldn't this be the same as deleting the file altogether?

Are you using a specialized file server? A NetApp appliance perhaps? You could probably use a setting in it to prevent you from deleting files no matter what, regardless of what the file/dir Linux permissions tell you.