summaryrefslogtreecommitdiff
path: root/docs/smbdotconf/security/inheritpermissions.xml
diff options
context:
space:
mode:
Diffstat (limited to 'docs/smbdotconf/security/inheritpermissions.xml')
-rw-r--r--docs/smbdotconf/security/inheritpermissions.xml39
1 files changed, 39 insertions, 0 deletions
diff --git a/docs/smbdotconf/security/inheritpermissions.xml b/docs/smbdotconf/security/inheritpermissions.xml
new file mode 100644
index 0000000000..d684ea2673
--- /dev/null
+++ b/docs/smbdotconf/security/inheritpermissions.xml
@@ -0,0 +1,39 @@
+<samba:parameter name="inherit permissions"
+ context="S"
+ type="boolean"
+ xmlns:samba="http://samba.org/common">
+<description>
+ <para>The permissions on new files and directories
+ are normally governed by <link linkend="CREATEMASK"><parameter moreinfo="none">
+ create mask</parameter></link>, <link linkend="DIRECTORYMASK">
+ <parameter moreinfo="none">directory mask</parameter></link>, <link linkend="FORCECREATEMODE">
+ <parameter moreinfo="none">force create mode</parameter>
+ </link> and <link linkend="FORCEDIRECTORYMODE"><parameter moreinfo="none">force
+ directory mode</parameter></link> but the boolean inherit
+ permissions parameter overrides this.</para>
+
+ <para>New directories inherit the mode of the parent directory,
+ including bits such as setgid.</para>
+
+ <para>New files inherit their read/write bits from the parent
+ directory. Their execute bits continue to be determined by
+ <link linkend="MAPARCHIVE"><parameter moreinfo="none">map archive</parameter>
+ </link>, <link linkend="MAPHIDDEN"><parameter moreinfo="none">map hidden</parameter>
+ </link> and <link linkend="MAPSYSTEM"><parameter moreinfo="none">map system</parameter>
+ </link> as usual.</para>
+
+ <para>Note that the setuid bit is <emphasis>never</emphasis> set via
+ inheritance (the code explicitly prohibits this).</para>
+
+ <para>This can be particularly useful on large systems with
+ many users, perhaps several thousand, to allow a single [homes]
+ share to be used flexibly by each user.</para>
+</description>
+
+<related>create mask</related>
+<related>directory mask</related>
+<related>force create mode</related>
+<related>force directory mode</related>
+
+<value type="default">no</value>
+</samba:parameter>
generated by cgit (git 2.34.1) at 2025-01-07 21:20:04 +0000