actually it gets even more weird, from my perspective at least
maybe it all works but not for empty folders
if there are no subfolders then everyone authenticated has
full control, can delete the folder
permissions seem to begin to apply as soon as some content
ends up the folder
but there is another thing
test\
testA
test.txt
testB
test.txt
if a user B was given, with means of windows client,
'Modify' permission over testB and then this user creates
test.txt in this testB folder, then nobody has access to the
file apart from listing it, cannot open/read it
testA remained intact, userA created testA and test.txt in
it and everybody can open/read test.txt
it seems like at the point where windows acl are added, by
adding a user/permission to folder, that newly created file
by that added user gets unix acl like this
# file: testB\test.txt
# owner: my_Buser
# group: Domain\040Users
user::rwx
user:my_Buser:rwx
group::---
mask::rwx
other::---
whereas testA\test.txt has no ACLs yet, in other words has:
# owner: my_Auser
# group: Domain\040Users
user::rwx
group::r--
other::r--
how to tell samba to make it readable to the group, by
default, at file creation time?
many thanks
On 30/03/12 11:30, lejeczek wrote:
dear all
trivial kind of question for which I do apologize, but
it's sort of puzzling
in a share when a windows client creates something samba
sets it as 755, yet another user can still delete, in this
case a folder
which part of configuration fixes it so it would behave as
expected?
what I have by default is:
acl check permissions = Yes
acl group control = No
acl map full control = Yes
create mask = 0744
force create mode = 00
security mask = 0777
force security mode = 00
directory mask = 0755
force directory mode = 00
directory security mask = 0777
force directory security mode = 00
force unknown acl user = No
inherit permissions = No
inherit acls = No
inherit owner = No
cheers
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba