Solved

SAMBA 3 + ACLs: Different access rights in Linux and Windows

Posted on 2011-03-17
2
642 Views
Last Modified: 2012-08-13
Dear Experts,

just an understanding question. I have a SAMBA share with the following ACL settings:

getfacl /share

# file: share
# owner: root
# group: root
user::rwx
group::rwx
group:mygroup1:rwx
group:mygroup2:r-x
mask::rwx
other::r-x

Open in new window


I'm not able to create/edit files on the Linux (Samba) server as a member of mygroup2:

touch test.file

touch: cannot touch `test.file': Permission denied

Open in new window


Logged on a Windows 2008 Server I see the same access rights like on the Linux server, but I can create files. Is it a correct behavior for the following configuration? My aim was to give the mygroup2 just a read access

[share]
        comment = share
        path = /share
        valid users = @mygroup1, @mygroup2
        force group = mygroupe1
        force create mode = 0770
        force directory mode = 0770
        read only = No
        inherit acls = Yes

Open in new window


Thank you in advance!
0
Comment
Question by:atyur
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 2

Accepted Solution

by:
silvanx earned 250 total points
ID: 35157381
How about changing
force group = mygroupe1

Open in new window

to
force group = +mygroup2

Open in new window


This should force access level of mygroup2 for its members and default access to everybody else.
0
 

Author Closing Comment

by:atyur
ID: 35164235
Yes, you're right. Thank you!
0

Featured Post

Give Your Engineering Team a Productivity Boost

Learn why container technology is so powerful and how it can provide your team with productivity gains and other benefits.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Need In an Active Directory enviroment, the PDC emulator provide time synchronization for the domain. This is important since Active Directory uses Kerberos for authentication.  By default, if the time difference between systems is off by more …
Fine Tune your automatic Updates for Ubuntu / Debian
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Suggested Courses

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question