Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: Mint 20.1 on workstation, Debian 11 on servers
Posts: 1,331
Rep:
Why do I have to make these files world readable?
Linux permissions have always frustrated me. They are really annoying to work with and very unversatile compared to NTFS.
Here's my current situation, and I don't understand what's going on here.
I have a server with a smb share, a user on another machine is in the group that is assigned to those files. The files are chmodded 770. If the user is in that group then technically that user should have access to those files... but it does not. If I chmod to 775 then the user has access. WTF? Why? I don't care given it's a local server, but still, if I have to make files world readable for a single user to have access even though I granted those rights through the filesystem and through samba, then that's a huge security issue, and it's no wonder we're not seeing Linux used for enterprise file servers.
Another thing that pisses me off with linux permissions is when a new file is created, the permissions arn't inherited. This folder gets lot of data added to it but it defaults to whatever the default permissions are. I need to run a script to periodicly fix all the permissions. To me this is really messy.
If both client and server machines are Linux, BSD or Mac, you will probably have an easier time using NFS than Samba. The problem you're experiencing is probably due to the underlying Linux system and the Samba layer not recognising each other's users and groups. Usually both are kept in sync by configuring them to use LDAP as a backend. This isn't as necessary with NFS, as there are other ways of communicating user and group ids between machines (some have security implications though, so be cautious).
As for the permissions, I don't think there is a way of specifying inheritance, but there are other options. You can use umask (set e.g. via /etc/profile) to set the default permissions for a user. You can set a "create mask" in Samba, which can be configured per share. You can also set the default group of newly created files by setting the group ID on the parent directory (setgid/sgid).
If you want finer grained control like NTFS, you could try setting up ACLs. I've never used them myself though, so don't know how well they work with Samba.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.