I have a problem I can't fix using Samba and I am fairly sure this is a permissions issue. Here is a samba server and I don'
Code:
[root@fback /]# pwd
/
[root@fback /]# ls -l
total 80
drwxr-xr-x 2 root root 3072 Feb 24 04:02 bin
drwxr-xr-x 4 root root 1024 Apr 20 16:31 boot
drwxrws--- 8 root admin 4096 May 15 08:31 data
drwxr-xr-x 9 root root 4640 Apr 20 16:42 dev
drwxr-xr-x 68 root root 7168 May 18 15:06 etc
drwxr-xr-x 10 root root 4096 Apr 2 13:43 home
drwxr-xr-x 2 root root 1024 Feb 21 2005 initrd
drwxr-xr-x 11 root root 5120 Apr 21 04:02 lib
drwx------ 2 root root 12288 Feb 23 16:13 lost+found
drwxr-xr-x 3 root root 1024 Apr 20 16:42 media
drwxr-xr-x 2 root root 1024 Aug 13 2006 misc
drwxr-xr-x 2 root root 1024 Feb 21 2005 mnt
drwxr-xr-x 2 root root 1024 Feb 21 2005 opt
dr-xr-xr-x 86 root root 0 Apr 20 12:41 proc
drwxr-x--- 4 root root 1024 Mar 8 13:44 root
drwxr-xr-x 2 root root 9216 Mar 8 04:02 sbin
drwxr-xr-x 1 root root 0 Apr 20 12:41 selinux
drwxr-xr-x 2 root root 1024 Feb 21 2005 srv
drwxr-xr-x 9 root root 0 Apr 20 12:41 sys
drwxrwxrwt 4 root root 1024 May 18 14:31 tmp
drwxr-xr-x 15 root root 4096 Feb 23 21:15 usr
drwxr-xr-x 19 root root 1024 Feb 23 21:16 var
[root@fback /]# cd /data/
[root@fback data]# ls -l
total 56
drwxrws--- 5 root facility 4096 May 11 14:00 facility
drwxrws--- 15 root admin 4096 May 18 11:47 images
drwxrws--- 8 root admin 4096 May 15 15:00 linux_iso
drwxrws--- 2 root admin 16384 Feb 23 23:59 lost+found
drwxrws--- 12 root admin 4096 May 17 11:12 software
drwxrws--- 2 root admin 4096 Apr 23 14:35 training
As you can see /data is a owned by a group called "admin" and then there is a sub directory called facility that is owned by a group called "facility".
Now my Samba shares out to directories...
/data & /data/facility
\\fback\data should only rwxrwx---
\\fback\facility should only be rwxrwx---
Now members of the facility group can't read \\fback\facility unless they're members of the admin group because the facility folder is a sub of the /data folder who is owned by "admin" group.
Is there a way to make this work? I want people who are only a member of facility group to access /data/facility however not be able to access /data/*
Please help me...