Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

SAMBA 3 + ACLs: Different access rights in Linux and Windows

Posted on 2011-03-17
2
Medium Priority
?
644 Views
Last Modified: 2012-08-13
Dear Experts,

just an understanding question. I have a SAMBA share with the following ACL settings:

getfacl /share

# file: share
# owner: root
# group: root
user::rwx
group::rwx
group:mygroup1:rwx
group:mygroup2:r-x
mask::rwx
other::r-x

Open in new window


I'm not able to create/edit files on the Linux (Samba) server as a member of mygroup2:

touch test.file

touch: cannot touch `test.file': Permission denied

Open in new window


Logged on a Windows 2008 Server I see the same access rights like on the Linux server, but I can create files. Is it a correct behavior for the following configuration? My aim was to give the mygroup2 just a read access

[share]
        comment = share
        path = /share
        valid users = @mygroup1, @mygroup2
        force group = mygroupe1
        force create mode = 0770
        force directory mode = 0770
        read only = No
        inherit acls = Yes

Open in new window


Thank you in advance!
0
Comment
Question by:atyur
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 2

Accepted Solution

by:
silvanx earned 1000 total points
ID: 35157381
How about changing
force group = mygroupe1

Open in new window

to
force group = +mygroup2

Open in new window


This should force access level of mygroup2 for its members and default access to everybody else.
0
 

Author Closing Comment

by:atyur
ID: 35164235
Yes, you're right. Thank you!
0

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We recently endured a series of broadcast storms that caused our ISP to shut us down for brief periods of time. After going through a multitude of tests, we determined that the issue was related to Intel NIC drivers on some new HP desktop computers …
Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question