diff options
author | John Terpstra <jht@samba.org> | 2003-05-20 06:25:17 +0000 |
---|---|---|
committer | John Terpstra <jht@samba.org> | 2003-05-20 06:25:17 +0000 |
commit | fdaffbd7d0f1452b13807c4d1901b1df97d150d2 (patch) | |
tree | 1a1ebd9f9e038ca9aefbfbb3825447b69f720e40 | |
parent | 74f994b9861bdc15d95b51c27e323e64a360d8e8 (diff) | |
download | samba-fdaffbd7d0f1452b13807c4d1901b1df97d150d2.tar.gz samba-fdaffbd7d0f1452b13807c4d1901b1df97d150d2.tar.bz2 samba-fdaffbd7d0f1452b13807c4d1901b1df97d150d2.zip |
More edits - added example
(This used to be commit 41c4bc4b8198797fef044eccad743550ccb43f06)
-rw-r--r-- | docs/docbook/projdoc/AccessControls.xml | 102 |
1 files changed, 101 insertions, 1 deletions
diff --git a/docs/docbook/projdoc/AccessControls.xml b/docs/docbook/projdoc/AccessControls.xml index 95eb6cebba..38c3475d34 100644 --- a/docs/docbook/projdoc/AccessControls.xml +++ b/docs/docbook/projdoc/AccessControls.xml @@ -1090,9 +1090,109 @@ Before using any of the following options please refer to the man page for &smb. <title>Common Errors</title> <para> -Stuff from mailing lists here +File, Directory and Share access problems are very common on the mailing list. The following +are examples taken from the mailing list in recent times. </para> + + <sect2> + <title>Users can not write to a public share</title> + + <para> + We are facing some troubles with file / directory permissions. I can log on the domain as admin user(root), + and theres a public share, on which everyone needs to have permission to create / modify files, but only + root can change the file, no one else can. We need to constantly go to server to + <command>chgrp -R users *</command> and <command>chown -R nobody *</command> to allow others users to change the file. + </para> + + <para> + There are many ways to solve this problem, here are a few hints: + </para> + + <procedure> + <title>Example Solution:</title> + <step> + <para> + Go to the top of the directory that is shared + </para> + </step> + + <step> + <para> + Set the ownership to what ever public owner and group you want + <programlisting> + find 'directory_name' -type d -exec chown user.group {}\; + find 'directory_name' -type d -exec chmod 6775 'directory_name' + find 'directory_name' -type f -exec chmod 0775 {} \; + find 'directory_name' -type f -exec chown user.group {}\; + </programlisting> + </para> + + <para> + Note: The above will set the 'sticky bit' on all directories. Read your + Unix/Linux man page on what that does. It causes the OS to assign to all + files created in the directories the ownership of the directory. + </para> + + <para> + <programlisting> + Directory is: /foodbar + chown jack.engr /foodbar + + Note: This is the same as doing: + chown jack /foodbar + chgrp engr /foodbar + + Now do: + chmod 6775 /foodbar + ls -al /foodbar/.. + + You should see: + drwsrwsr-x 2 jack engr 48 2003-02-04 09:55 foodbar + + Now do: + su - jill + cd /foodbar + touch Afile + ls -al + </programlisting> + </para> + + <para> + You should see that the file 'Afile' created by Jill will have ownership + and permissions of Jack, as follows: + <programlisting> + -rw-r--r-- 1 jack engr 0 2003-02-04 09:57 Afile + </programlisting> + </para> + </step> + + <step> + <para> + Now in your smb.conf for the share add: + <programlisting> + force create mode = 0775 + force direcrtory mode = 6775 + </programlisting> + </para> + + <para> + Note: The above are only needed IF your users are NOT members of the group + you have used. ie: Within the OS do not have write permission on the directory. + </para> + + <para> + An alternative is to set in the smb.conf entry for the share: + <programlisting> + force user = jack + force group = engr + </programlisting> + </para> + </step> + </procedure> + </sect2> + + </sect1> </chapter> |