[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 439
  • Last Modified:

How can files inside .zip folders inherit the default permissions on an OSX10.5.8 AFP file share?

We have a Mac 10.5.8 server with an AFP file share that is accessed by employees in the "staff"  group membership. This is a production environment and client files get added to this directory automatically through the use of the application called Switch by Callas.

We have propagated permissions so anything in the AFP file share inherits these permissions:

macadmin (server admin account) : Read and Write
staff: Read and Write
Everyone: Read and Write


The problem is with .zip files. When a zip file is uploaded, only the person who unzips the file has permissions. The zip file itself has the correct permissions, but the extracted contents have these permissions:

drewk(random user who unzipped the files): Read and Write
staff: read only
everyone: read only


These files need to have read and write access for everyone, not just the person who decompressed the file.

We have done some UMask edits, but those seem to go back to the default settings after a server reboot.

Not sure if it helps, but we use Open Directory in conjunction with Active Directory. These users log into the Mac and PC with the same credentials , but only use the PC's for the timecard software.

Any help would be greatly appreciated. I can provide more info if needed.
0
Karanastic
Asked:
Karanastic
1 Solution
 
maximus5328Commented:
First, let me clarify something. You said: "We have propagated permissions so anything in the AFP file share inherits these permissions". This sounds wrong. Propagating permissions means that you simply copied said permissions to enclosed items this one time. You did not set inheritance. Inheriting permissions means that items automatically assume the permissions of the enclosing folder without you having to propagate them.
POSIX permissions (Apple calls them standard: owner, group, others) do not support permissions inheritance by design. You have to use ACL (Access Control List) for that.
So try this:
in Server Admin > AFP > Share Points, select your share point then on the Permissions tab add the staff group to ACL section. Set the permission to Allow Read & Write and to Apply To "This folder, Child folders, Child files, All descendants"
Save the changes.
Now click on the gear icon > Propagate Permissions and check only Access Control List.
To verify, still on this Share Points page, browse to one of enclosed items and you should see that it has ACL permission set in grey (since it was inherited not copied).
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now