Hi!
I have a problem here, which I can't pinpont anywhere.
I'll post some output from the terminal adding comments to explain.
I use Debian and Samba.
Here we go:
I have some users, and I manage permissions by adding them to certain groups. The thing is, I found that some user can access folders that he's not supposed to be able.
So, first:
Code:
root@server-AMYQ:~# groups glimone
glimone : micro1 admin1 micro2
And then:
Code:
root@server-AMYQ:/mnt/AMYQ# ls -l
total 64
drwxrwx--x 4 netadm admin1 4096 ago 22 16:10 ADMIN
So, users that belong to group "admin1" can rwx folder ADMIN. So user "glimone" can go inside, since he belongs to groups micro1, admin1 and micro2.
But here's the mess. Let's go inside folder ADMIN and ls -l:
Code:
root@server-AMYQ:/mnt/AMYQ/ADMIN# ls -l
total 5996
drwxrwx--x 2 netadm admin2 4096 ago 22 16:10 1.- CLIENTES
drwxrwx--x 2 netadm admin2 4096 ago 22 15:47 2.- ELABORACION DE INFORMES
We have these two folders, and if you pay attention to permissions you'll notice that to access them you need to belong to group "admin2".
As I showed you earlier, user "glimone" doesn't belong to group "admin2". But he can go in, and write!!!
WTF is going on here?!
Maybe it's something with /etc/passwd, or /etc/group? Or with the samba share.
If you need any more information about this to help me solve it, plz post it, and I'll reply soon.
EDIT: All of this happens if I access the folders through samba. If I log with "glimone" directly on the terminal I get the correct Permission Denied message. So that makes me think this is all about samba...
Here's the configuration of the share
Code:
[1.- ADMINISTRACION]
path = /mnt/AMYQ/ADMIN
public = yes
valid users = jbenitez, xpascale, glimone, lacosta, mmondelli, vskrycki, mportas, bgonzalez, netadm
writable = yes
create mask = 0755
force create mode = 0775
force group = admin2
PLEASE lend me a hand here!
Thanks in advance!
Joaquín.