Gentoo Archives: gentoo-user

From: Dan Farrell <dan@×××××××××.cx>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] Finely tuning access permissions (in Samba)
Date: Mon, 26 Nov 2007 18:32:18
In Reply to: [gentoo-user] Finely tuning access permissions (in Samba) by Mick
1 On Fri, 23 Nov 2007 19:56:59 +0000
2 Mick <michaelkintzios@×××××.com> wrote:
4 > Hi All,
5 >
6 > I am trying to setup access permissions for a Samba file server and
7 > have so far done this much;
8 >
9 > chmod -R ug+rwxs,o-r+x /data
10 >
11 > The three MS Windows users on the server (george, viki & cad) can all
12 > create files and delete their own, but cannot delete a file that they
13 > have not created themselves. I want to make (only) george able to
14 > delete files that he has not created himself. How can I achieve
15 > that, without using ACLs - I will be setting up some tar, or rsync
16 > based back-up policy which I think does not retain POSIX ACLs.
18 what you're seeing sounds like the functionality of sticky bit on a
19 directory. If that is the case (it is operating behind samba, if so)
20 perhaps this blip from wikipedia will be useful.
22 :
23 | The most common use of the sticky bit today is on directories, where,
24 | when set, items inside the directory can be renamed or deleted only by
25 | the item's owner, the directory's owner, or the superuser (Without the
26 | sticky bit set, a user with write and execute permissions for the
27 | directory can rename or delete any file inside, regardless of the
28 | file's owner.)
30 combining this idea with the unix filesystem permissions concept, I
31 would say make george the owner of the directory. The sticky bit isn't
32 very flexible in that the group of the directory can't overwrite
33 the files in that directory if the sticky bit is set.
35 good luck.
36 --
37 gentoo-user@g.o mailing list