[SOLVED] how to set different permission for sub directories of a samba shared folder
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
/home/samba/shares/Archive folder has three sub directory named as sub1 and sub2 and sub3 I want mir user has no access to sub1 but read permission to sub2 and read/write permission to sub3 and dan user has read/write access to sub1 but read permission to sub2 and no access permission to sub3. (mir and dan are my network users not local users)
for more information of my filesystem all of my shares are under home/samba/shares/ which /home is not an independent partition on file system and it is a folder under / .
my fstab is:
root@DM:~# mount
/dev/mapper/isw_jaccaghaj_DM1 on / type ext4 (rw,errors=remount-ro,usrquota,grpquota,acl)
proc on /proc type proc (rw,noexec,nosuid,nodev)
none on /sys type sysfs (rw,noexec,nosuid,nodev)
none on /sys/fs/fuse/connections type fusectl (rw)
none on /sys/kernel/debug type debugfs (rw)
none on /sys/kernel/security type securityfs (rw)
none on /dev type devtmpfs (rw,mode=0755)
none on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=0620)
none on /dev/shm type tmpfs (rw,nosuid,nodev)
none on /var/run type tmpfs (rw,nosuid,mode=0755)
none on /var/lock type tmpfs (rw,noexec,nosuid,nodev)
none on /lib/init/rw type tmpfs (rw,nosuid,mode=0755)
/etc/hylafax on /var/spool/hylafax/etc type none (rw,bind)
and:
Quote:
root@DM:~# ls /home/samba/shares/Archive -lh
total 24K
drwxrwxr-x+ 2 dan __USERS__ 4.0K 2011-12-14 14:13 sub1
drwxrwxr-x+ 2 dan __USERS__ 4.0K 2011-12-14 16:26 sub2
drwxrwxr-x+ 2 dan __USERS__ 4.0K 2011-12-14 16:27 sub3
what is the solution for this?
what should I do step by step?
At the first glance I would say that what you want to do is not possible, you will need to mount it several times and set the right at the mounting time.
I thing you are absolutely wrong because windows have the same thing and I think linux has to have something even more powerful.
any body any other solution ?
This looks like you have four (4) shares. The Archive directory and the three "Sub" directories. If you add the other three definitions in your smb.conf file:
no no no I do not want to add another shares in samba I know that and I can do that but I didn't mean that, please if you do not know the answer do not answer it because it cause the others not to read and answer my question.
Samba has to obey Linux permissions, which include using ACLs. Look up the manpage for setfacl. The examples on the bottom are easier to follow than the description.
One of the first things I discovered, if you use default acls, is you need both a default ACL (for inheritance of new subdirectories) and a normal ACL on the same directory as well.
Another thing not to miss in the article is that you need to add "acl" as a mount option for the filesystem. The filesystem needs to support ACLs. Ext3 and Ext4 do.
Another thing not to miss in the article is that you need to add "acl" as a mount option for the filesystem. The filesystem needs to support ACLs. Ext3 and Ext4 do.
do you mean that I have to add some thing in my fstab to support acl? and if my filesytem is ext3 or ext4 it does not need?
/dev/mapper/isw_jaccaghaj_DM1 on / type ext4 (rw,errors=remount-ro,usrquota,grpquota,acl)
which reports "acl" is already turned on for the "/" mount. I don't see any other mounts that would refer to /home/... so it looks like acl is on.
All you need to do then in use to "setfacl" command to apply the permissions.
dan and mir should be in a standard Linux group that allows them at least "x" access to /home/samba/shares/Archive, but assuming neither dan or mir are in standard Linux groups that would allow them any access to /home/samba/shares/Archive/sub* (hence satisfying the requirement where they aren't allowed access), the following should give them access where they need it:
Agreed.
Since "acl" is enabled, what zQUEz posted will work.
You can also do this without using "acl":
By setting permissions on the directory(s) itself. Please read the man pages on "chown":
make mir owner of Sub3
make dan owner of SUb1
if mir and dan are in a group, make their group owner of Sub2. Otherwise, create a group and put dan and mir in that group; assign this group as owner of Sub2.
Give your permissions to the directories.
Please read the man pages on "chmod"
If these are the only two (users) associated with these Sub-directoies, then just making them the owners makes sense to me. Then you can just restrict permissions from others.
ie.
root@DM:~# ls /home/samba/shares/Archive -lh
total 24K
drwx------ 2 dan __USERS__ 4.0K 2011-12-14 14:13 sub1
dr-xr-x--- 2 danANDmir danANDmir 4.0K 2011-12-14 16:26 sub2
drwx------ 2 mir __USERS__ 4.0K 2011-12-14 16:27 sub3
Otherwise, just setting the acl on the directory as previously stated.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
