Hi there,

Is there a way to allow some user write access to a share but deny delete?The users will need write access to some folders but since everyone logs in to linux/samba share with the same username and password (dumb people, they dont like different users/passwords), they will sometime try to delete other's files.So is there a samba config directive so lets say user TOM has write access to \\somemachine\SHARE but he cannot delete what he already copied there? I hope I made myself pretty clear, if not, excuse me, im typing after 16 hours of work.Thank you

you could use the "sticky bit" trick. I don't quite remember, but I think this permission bit make sure no one can delete a file but the owner. With samba, you could make sure the owner is always "someone" even if your clients are using "anyone".
You can set this with "chmod 1755 a_file" as example. Of course, you will have to set something like this as default permission in samba.

Do some search about it, I'm not quite sure if I am telling you total bs or if my memory is right. Search about forth permission byte (mean : UID = 4XXX, GID = 2XXX, SID = 1XXX )

I think sticky bit doesn't help, because if the sticky bit is set, the owner of a file still can delete it. In this situation all the people are logged with the same login, so they all are the owners of files they create. I have exactly the same problem and I have not found the solution yet.

As I said, you could set samba so that ALL files created belong to a certain user (let's call it samba_user) even if they are created by another user (bill, bob, joe).

So even if "Bill", "Bob" or "Joe" create a file with permission 777 (read/write/execute) they won't be able to delete it because it will be owned by "samba_user" and so with sticky bit, only "samba_user" will be able to remove it.

Do you have many Linux users connecting to a share on a Windows box or the obverse? Since the "sticky bit" is only availabe on Linux file systems, I suspect the later; but, in the former case, I think you can do it with NTFS permission settings.

On the other hand, again, just a thought, but arn't FTP sites sometimes set up with "no delete" permissions on their upload directories? If so, you might be able to see how they do it, and adapt that sceme to you situation.

One other thought: I everyone is connecting using the same userid, how can you tell that TOM instead of JERRY created any specific file? If you can't tell them apart on the server side of the Samba wall, I don't see that you have any hope of solving your problem.

If you can distingush TOM from JERRY, why not set up differen account on the server for them, and proxy a connection (through localhost) for them in their own account. You wouldn't even have to tell them that they had accounts on the server . . .

Just a vague thought, sorry it doesn't help much -- "The devil is in the details."

Sorry Half_Elf. I understood the next part of your previous post after the same idea occured to me: to make the owner of all files the same person for example "root".
I have samba on a linux server and a few different windows clients (xp, 95, 98). So far I am trying to test it on one client with xp. Is the sticky bit useful in this case?