summaryrefslogtreecommitdiff
path: root/docs/docbook/smbdotconf/security/forcegroup.xml
diff options
context:
space:
mode:
Diffstat (limited to 'docs/docbook/smbdotconf/security/forcegroup.xml')
-rw-r--r--docs/docbook/smbdotconf/security/forcegroup.xml37
1 files changed, 37 insertions, 0 deletions
diff --git a/docs/docbook/smbdotconf/security/forcegroup.xml b/docs/docbook/smbdotconf/security/forcegroup.xml
new file mode 100644
index 0000000000..eafdfe8e23
--- /dev/null
+++ b/docs/docbook/smbdotconf/security/forcegroup.xml
@@ -0,0 +1,37 @@
+<samba:parameter name="force group"
+ context="S"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This specifies a UNIX group name that will be
+ assigned as the default primary group for all users connecting
+ to this service. This is useful for sharing files by ensuring
+ that all access to files on service will use the named group for
+ their permissions checking. Thus, by assigning permissions for this
+ group to the files and directories within this service the Samba
+ administrator can restrict or allow sharing of these files.</para>
+
+ <para>In Samba 2.0.5 and above this parameter has extended
+ functionality in the following way. If the group name listed here
+ has a '+' character prepended to it then the current user accessing
+ the share only has the primary group default assigned to this group
+ if they are already assigned as a member of that group. This allows
+ an administrator to decide that only users who are already in a
+ particular group will create files with group ownership set to that
+ group. This gives a finer granularity of ownership assignment. For
+ example, the setting <filename moreinfo="none">force group = +sys</filename> means
+ that only users who are already in group sys will have their default
+ primary group assigned to sys when accessing this Samba share. All
+ other users will retain their ordinary primary group.</para>
+
+ <para>If the <link linkend="FORCEUSER"><parameter moreinfo="none">force user</parameter>
+ </link> parameter is also set the group specified in
+ <parameter moreinfo="none">force group</parameter> will override the primary group
+ set in <parameter moreinfo="none">force user</parameter>.</para>
+
+ <para>See also <link linkend="FORCEUSER"><parameter moreinfo="none">force user</parameter></link>.</para>
+
+ <para>Default: <emphasis>no forced group</emphasis></para>
+
+ <para>Example: <command moreinfo="none">force group = agroup</command></para>
+</listitem>
+</samba:parameter>
generated by cgit (git 2.34.1) at 2024-08-10 07:17:02 +0000