samba share with read,write but no delete to users
Hi Team,
I am using a samba sever as sharing the dir /home/rncit. All the users login to server by user rncit.I need to set rights read,write,create,modify but no delete by user rncit on windows clients for /home/rncit. Could you please help me how i can do this? I am totally blocked here thanks and Regards Boby |
Greetings,
Well, you could add the 'recycle' option to your [homes] share definition: Code:
[homes] The other option is looking into the "acl check permissions" for the share (e.g. man smb.conf), but it seems that with all the latest changes in Windows security, trying to run that level of granular permission checks between the two systems may be problematic at best, exasperating at worst. HTH. Let us know. |
If a user has read and write permissions, then a file can be opened and all the content removed. This renders ineffective the lack of an ability to delete a file as a protection from malicious alteration.
|
Quote:
If this is a concern, perhaps frequent incremental backups would give some protection, or version control (revision control). |
The way *nix perms work is that 'rw' perms on the file itself only apply to the file content aka data (or code if a program).
'w' perms on the containing dir dictate file creation/deletion; read that again slowly... there's no 'delete' perm. Being able to 'write' to a dir means being able to create OR delete files inside that dir. You can add the sticky bit 't' to the global perms see eg /tmp Code:
drwxrwxrwt. 19 root root 4096 May 24 10:50 tmp Note that for personal home dirs, it shouldn't be an issue, just for shared dirs. In any case, its really down to training the users and backups (only counts if you've done test restores....). HTH |
Thanks a lot.
I set the permissions as follows: chown -R root:root /home/rncit/ chmod +t /home/rncit/ after doing this permission as showing: drwxrwxrwt 107 root root 430080 May 24 10:27 rncit when i try to delete something by windows share, It did not prevent to deletion and renaming the file. Actually i have to prevent the following path: \\10.XX.XX.XX\rncit\ please do the needful as its very critical for me. Thanks and Regards Boby |
probably you can remove the write permission on dirs, in that case files cannot be renamed/created/deleted.
|
Hi team,
After a lot of googling,got the resolution. login to system at root root@localhost#chown -R root:root /path/dir/ root@localhost#chmod -R 1777 /path/dir/ root@localhost#service smb restart After doing this,user are allowed only read,write,modify but not delete and rename file at samba share. Make a entry in crontab file for schedule the task at specified time. so newly created file not be created or renamed. @Team:I am looking forward to edit the crontab file. Could you please help me to do this? Thanks and Regards Boby |
|
hfgf
|
Hi Team
Thanks a lot for the support you have been providing to me. Again looking for help here regarding samba share. Actually I need to share the following path to samba share:/home/rncit/, and its successfully done. but problem is that A root share is also shared.A snapshot is given below.. RNCIT ROOT PRINTER AND FAXES When I run the following command to delete the samba root user, getting the following error.. [root@em1 ~]# smbpasswd -x root Failed to delete entry for user root. Could you please help me how to remove this problem as now totally stucked here? Another command I run for disable the samba root user:[root@em1 ~]# smbpasswd -d root Disabled user root. Samba is not accessible here. Please do the needful to overcome this problem. NOTE: I need to share only RNCIT share for samba share Thanks and Regards Boby |
All times are GMT -5. The time now is 04:55 PM. |