LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 08-24-2003, 11:00 AM   #1
adewri
LQ Newbie
 
Registered: Aug 2003
Posts: 2

Rep: Reputation: 0
Samba: How to set permissions on subfolders for different users.


Hi All,

This is my first post on this forum. And i have a question on SAMBA. I would be greatful if any one could help me out.

Problem description:

We had a windows fileserver, which crashed (thanks to MS and its lousy OS). I have some how convinced others to move the fileserver to linux platform. I have configured the samba server and its running well (Accessible on windows network). Have also started moving the files from windows to Linux.

Now the problem is that in windows there is an option of setting security on subfolders. Like say i have a shared folder d:\ForAll and subfolders d:\ForAll\ForTim and d:\ForAll\ForJohn. And user Tim has -rw- permission on d:\ForAll\ForTim but only -r- permission on d:\ForAll\ForJohn and similarly John has -rw- permission on d:\ForAll\ForJohn but only -r- permission on d:\ForAll\ForTim. OK this can be achieved by using write list and read list parameter in smb.conf.

What i did was on linux

Code:
[ForAll]
       path = /forall
       browseable = yes
       guest ok = yes
       writeable = yes
       create mask = 744
       write list = john tim

[ForTim]
       path = /forall/fortim
       browseable = yes
       guest ok = yes
       writeable = yes
       create mask = 744
       write list = tim
       read list = john

[ForJohn]
       path = /forall/forjohn
       browseable = yes
       guest ok = yes
       writeable = yes
       create mask = 744
       write list = john
       read list = tim
All set now, but i want to see only the shared folder ForAll on the network neighbourhood and not its subfolders. Now is it possible to hide the shared subfolders or to be more precise set permissions on same subfolders based on different user requirements.

Will setting browseable = no do the trick ? Won't it hide the subfolders when i open the parent folder ForAll cos i don't want that. I just want the subfolders not to be visible only while browing the Network Neighbourhood.

I hope im clear in explaining my problem.

OS is Redhat Linux 9.0 and SAMBA server is 2.2.7a

Regards

Amar

Last edited by adewri; 08-24-2003 at 11:24 AM.
 
Old 08-24-2003, 12:48 PM   #2
lyle_s
Member
 
Registered: Jul 2003
Distribution: Slackware
Posts: 392

Rep: Reputation: 55
I'm not a Samba expert, but setting browseable = no in the ForTim and ForJohn shares will prevent them from being seen in Network Neighborhood. Browsing in SMB/CIFS means looking through the computers and shares (like when looking around in Network Neighborhood), and isn't anything to do with the hiding of folders within shares.

Please verify that tim can't write inside of /forall/forjohn when connecting through the ForAll share. Since tim is on the write list for share ForAll, and he can get into /forall/forjohn through the ForAll share, it stands to reason that he might be able to write there. Again, I'm not an expert so just make sure.

Most of what I know about Samba is from this article: http://www.linux-mag.com/2001-05/smb_01.html.

Lyle
 
Old 08-24-2003, 01:18 PM   #3
mcleodnine
Senior Member
 
Registered: May 2001
Location: Left Coast - Canada
Distribution: s l a c k w a r e
Posts: 2,731

Rep: Reputation: 45
Here's a rule set I've been using with some success in Samba
Code:
[public]
        comment = Locally Shared Folder
        path = /pub
        read only = No
        create mask = 0755
        directory mask = 0775
members of the group can read, create files and directories.
only the owner can delete files or directories
members can create files in other members' directories

So if tim creates a file, others can read it, but not write to it.
If tim creates a directory others can add new stuff to it and read files in it, but only file owners can modify/delete files.

You'll need to set the sticky bit on the top directory ('chmod +t /topdir)
Code:
drwxrwxr-t   56 nobody     users        3424 Aug  9 11:42 pub/
 
Old 08-25-2003, 11:01 AM   #4
adewri
LQ Newbie
 
Registered: Aug 2003
Posts: 2

Original Poster
Rep: Reputation: 0
lyle_s, mcleodnine thanks for your help...

lyle_s you are right about the part that if i set write list on /ForAll folder then that permission is propagated to child folders as well and hence if i give write list=tim john then both will be able to write on the subfolders even if i mention read list = john for /ForAll/fortim.

So what i did was spread out the subfolders as folders directly. No more subfolders. All folders will be parent.

And mcleodnine sticky bit part was very helpful....

But i was wondering, what if in future more subfolders are created then if i have to create every subfolder as parent folder then i have to say that windows folder security level is better than SAMBA's. I think Andrew Tridgell need to do something about this.

Regards
Amar
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Permissions propagating to subfolders & files linus Linux - General 2 06-21-2007 12:58 PM
changeing permissions for a folder + subfolders and files ? YBA^[x] Slackware 7 08-06-2004 04:07 AM
Map to share then allow users to access subfolders problem in SAMBA ryanzietlow Linux - Software 1 03-26-2004 06:31 PM
cannot get write permissions for /home and subfolders after upgrade repeater75 Linux - General 4 02-22-2004 10:24 PM
How to set permissions to read, execute, write for users only chupacabra Linux - General 3 12-18-2002 03:54 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 09:27 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration