Configuring Samba to set file permissions

Hi!

I have set up a Samba on my Slackware 9.1-homeserver. I've got the shares working and hopefully the system secured enough. I have a share /data, which is owned by user winguest (root group), that is used only for samba-sharing. I am connecting to the server using my home networks two computers, both with Windows XP Pro.

The problem is, I cannot get the file permissions right for files copied to the share; when I am copying files from the workstations to server, I'd like to set their permissions on the server on the fly. I would like them to be 775 (full control for user & group, no write-access for others), but they seem to change from file to file, and never be the wanted ones. I have tried to read some manuals, man- and webpages, but just can't seem to get them working. The filepermissions in Windows seem to affect to the new permissions in the server. I can get some change in the permissions, but not the wanted one! Here's a clip from my config-file:

[data]
   path = /data
   read only = no
   writable = yes
   public = yes
;   create mask = 775
;   directory mask = 775
   force create mask = 001
   force directory mask = 001

I have tried with create mask and force create mask, and even with both (though, I guess atleast THAT is wrong). I have also tried using security mask and force security mask, but can't get them to affect quite anything. I have also tried with very many combinations of permission masks for (force) create/directory masks.

Can anyone please tell me, is this what I am trying to do even possible, and if so, HOW I could achieve it? Thank you! :)
petrrrrAsked:
Who is Participating?
 
jlevieCommented:
I've never tried to have Samba set a file mode of 755, so I don't know it that's possible. From what you describe it sounds like Samba may restrict executable status to the user on newly created files. From a security view I can see where that would be desireable.

Why would you want all files created by a windows box to be 755. The safe thing would be for them to be created as 644 and if they need to be executed  from Linux the owner of the file should specifically change the mode of those files that should be executable.
0
 
owensleftfootCommented:
I would guess that samba has to follow the permissions on the linux box. Have a look at the default umask settings on your linux box.
0
 
jlevieCommented:
For that you'd want:

   create mode = 0664
   directory mode = 0775
 
for Samba shares. That causes the creation of files directories to be readable writable by user & group and readable by other (world).
0
 
petrrrrAuthor Commented:
A little more information for the problem: Using those masks jlevie suggested works just fine, I get a 664-permissions, but is it possible to also set the execute-bits for everyone, to get the 755-permissions? When I set the mask as 775, the created files will get 764-permissions; group and world lose the execute-bit! I'm starting to wonder, is it even possible to set those two bits!?
0
 
petrrrrAuthor Commented:
Yeah, I beginning to think so too. And in fact, when i think of it, maybe I can live without the execute-bit. :)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.