summaryrefslogtreecommitdiff
path: root/docs/docbook/smbdotconf/security/inheritpermissions.xml
blob: 34fade33d02c722bacc83ab19797e1e64f25fb8c (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36

<samba:parameter xmlns:samba="http://samba.org/common">
		<term><anchor id="INHERITPERMISSIONS"/>inherit permissions (S)</term>
		<listitem><para>The permissions on new files and directories 
		are normally governed by <link linkend="CREATEMASK"><parameter moreinfo="none">
		create mask</parameter></link>, <link linkend="DIRECTORYMASK">
		<parameter moreinfo="none">directory mask</parameter></link>, <link linkend="FORCECREATEMODE"><parameter moreinfo="none">force create mode</parameter>
		</link> and <link linkend="FORCEDIRECTORYMODE"><parameter moreinfo="none">force 
		directory mode</parameter></link> but the boolean inherit 
		permissions parameter overrides this.</para>
		
		<para>New directories inherit the mode of the parent directory,
		including bits such as setgid.</para>

		<para>New files inherit their read/write bits from the parent 
		directory.  Their execute bits continue to be determined by
		<link linkend="MAPARCHIVE"><parameter moreinfo="none">map archive</parameter>
		</link>, <link linkend="MAPHIDDEN"><parameter moreinfo="none">map hidden</parameter>
		</link> and <link linkend="MAPSYSTEM"><parameter moreinfo="none">map system</parameter>
		</link> as usual.</para>

		<para>Note that the setuid bit is <emphasis>never</emphasis> set via 
		inheritance (the code explicitly prohibits this).</para>

		<para>This can be particularly useful on large systems with 
		many users, perhaps several thousand, to allow a single [homes] 
		share to be used flexibly by each user.</para>
		
		<para>See also <link linkend="CREATEMASK"><parameter moreinfo="none">create mask
		</parameter></link>, <link linkend="DIRECTORYMASK"><parameter moreinfo="none">
		directory mask</parameter></link>, <link linkend="FORCECREATEMODE">
		<parameter moreinfo="none">force create mode</parameter></link> and <link linkend="FORCEDIRECTORYMODE"><parameter moreinfo="none">force directory mode</parameter>
		</link>.</para>

		<para>Default: <command moreinfo="none">inherit permissions = no</command></para>
		</listitem>
		</samba:parameter>
generated by cgit (git 2.34.1) at 2024-09-03 20:29:25 +0000