I have a share(let's call it myshare), with a "force group" of "userset1"(userset1 is a group that has usera and userb and userc), and directory mask 770, and allowed users "userset1". This works well, but now I want to further restrict a directory(let's call it restricteddir) that's inside myshare, to only allow userb and userc to access it(and not usera). So I created a unix group called userset2, and placed userb and userc inside of it. Then I reset ownership on restricteddir to be owned by the group userset2. This works fine too...The only thing I'm afraid of is what happens if userb(or userc) decides to rename restrictedir. Since the force group is userset1, won't it reset the group ownership to userset1? If so restricteddir won't be restricted any more....So I'm looking for a more graceful solution. I've thought of creating two shares:
1. Path: /mydrive/myshare ShareName: myshare
2. Path: /mydrive/myshare/restricteddir Sharename: Myshare2(or whatever)
Would this work? Can shares be nested like this? Would the permissions on share #2 override permissions on share 1 for the restricteddir directory?