petrrrr
asked on
Configuring Samba to set file permissions
Hi!
I have set up a Samba on my Slackware 9.1-homeserver. I've got the shares working and hopefully the system secured enough. I have a share /data, which is owned by user winguest (root group), that is used only for samba-sharing. I am connecting to the server using my home networks two computers, both with Windows XP Pro.
The problem is, I cannot get the file permissions right for files copied to the share; when I am copying files from the workstations to server, I'd like to set their permissions on the server on the fly. I would like them to be 775 (full control for user & group, no write-access for others), but they seem to change from file to file, and never be the wanted ones. I have tried to read some manuals, man- and webpages, but just can't seem to get them working. The filepermissions in Windows seem to affect to the new permissions in the server. I can get some change in the permissions, but not the wanted one! Here's a clip from my config-file:
[data]
path = /data
read only = no
writable = yes
public = yes
; create mask = 775
; directory mask = 775
force create mask = 001
force directory mask = 001
I have tried with create mask and force create mask, and even with both (though, I guess atleast THAT is wrong). I have also tried using security mask and force security mask, but can't get them to affect quite anything. I have also tried with very many combinations of permission masks for (force) create/directory masks.
Can anyone please tell me, is this what I am trying to do even possible, and if so, HOW I could achieve it? Thank you! :)
I have set up a Samba on my Slackware 9.1-homeserver. I've got the shares working and hopefully the system secured enough. I have a share /data, which is owned by user winguest (root group), that is used only for samba-sharing. I am connecting to the server using my home networks two computers, both with Windows XP Pro.
The problem is, I cannot get the file permissions right for files copied to the share; when I am copying files from the workstations to server, I'd like to set their permissions on the server on the fly. I would like them to be 775 (full control for user & group, no write-access for others), but they seem to change from file to file, and never be the wanted ones. I have tried to read some manuals, man- and webpages, but just can't seem to get them working. The filepermissions in Windows seem to affect to the new permissions in the server. I can get some change in the permissions, but not the wanted one! Here's a clip from my config-file:
[data]
path = /data
read only = no
writable = yes
public = yes
; create mask = 775
; directory mask = 775
force create mask = 001
force directory mask = 001
I have tried with create mask and force create mask, and even with both (though, I guess atleast THAT is wrong). I have also tried using security mask and force security mask, but can't get them to affect quite anything. I have also tried with very many combinations of permission masks for (force) create/directory masks.
Can anyone please tell me, is this what I am trying to do even possible, and if so, HOW I could achieve it? Thank you! :)
I would guess that samba has to follow the permissions on the linux box. Have a look at the default umask settings on your linux box.
For that you'd want:
create mode = 0664
directory mode = 0775
for Samba shares. That causes the creation of files directories to be readable writable by user & group and readable by other (world).
create mode = 0664
directory mode = 0775
for Samba shares. That causes the creation of files directories to be readable writable by user & group and readable by other (world).
ASKER
A little more information for the problem: Using those masks jlevie suggested works just fine, I get a 664-permissions, but is it possible to also set the execute-bits for everyone, to get the 755-permissions? When I set the mask as 775, the created files will get 764-permissions; group and world lose the execute-bit! I'm starting to wonder, is it even possible to set those two bits!?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Yeah, I beginning to think so too. And in fact, when i think of it, maybe I can live without the execute-bit. :)