In reference to my post a few days ago, I gave in and decided to bite the bullet and work with UNIX permissions to implement what I wanted.
Now I face a new problem. Samba doesn't seem to be obeying the "force security mode" option.
Here's the settings for the share in question:
Code:
[tmp]
read only = yes
path = /nas/tmp
write list = admin nas
force group = nas
inherit permissions = yes
force security mode = 660
force directory mode = 0775
force create mode = 0664
hide unreadable = yes
veto files = /lost+found/._*/.DS_Store/.Trashes/._Trashes/
browseable = no
The folder being shared (/nas/tmp) has permissions drwxrwxr-x and is owned by "admin" and group "nas". All files within the folder structure have group writable permission set. This means I can just create users and add them to group nas to allow them write access to the entire share. It also means I can restrict read or write access on a per-file or per-folder basis.
Now, I connect to this share from Windows and create a folder. If I look at that folder on the server, it indeed was created with permissions drwxrwxr-x as expected.
Code:
root [ /nas/tmp ]# ls -l
...
drwxrwxr-x 2 admin nas 4096 Nov 15 14:46 windows_folder
...
Enter Mac OS X. When I connect from my Mac to the share as either "nas" or "admin" and create a folder, it's created with permissions drwxr-xr-x. This of course means group nas can't write to that folder.
Code:
root [ /nas/tmp ]# ls -l
...
drwxr-xr-x 2 admin nas 4096 Nov 15 14:47 mac_folder
...
My goal, obviously, is to force all files created on the server to be writable by the group. This way I can simply set permissions on a folder I don't want accessed to drwx------ and the hide unreadable option will hide the files in question.
Am I missing something - is there a reason I can't get Samba to force files created from OS X to have the permissions I want? My guess is OS X is manipulating the permissions on files directly (it IS unix, after all) and that's why I tried setting force security mode - but it didn't work.
Advice?
FM
