1 |
Michael Orlitzky schrieb: |
2 |
> On 04/23/2016 10:42 AM, hw wrote: |
3 |
>> |
4 |
>> Has it become entirely impossible to share a directory tree and the |
5 |
>> files in it with multiple users when Linux is involved? This should be |
6 |
>> a very simple thing to accomplish. |
7 |
>> |
8 |
> |
9 |
> It was never possible. It's ridiculous, but there it is. The UNIX |
10 |
> permissions model is too simple. ACLs were bolted on top, but most tools |
11 |
> retain legacy behavior with respect to group masks that breaks default |
12 |
> ACLs. You're seeing that same problem with your Samba share. |
13 |
> |
14 |
> Filesystem permissions are one thing that Windows got right. There's |
15 |
> ongoing work to bring that model to Linux, |
16 |
> |
17 |
> https://en.wikipedia.org/wiki/Richacls |
18 |
> |
19 |
> but they're going to make the same mistake again[0] and allow the group |
20 |
> bits to act as a mask. That means mkdir, tar, cp, 7z -- anything that |
21 |
> tries to mess with group bits -- isn't going to work. They'll be DOA |
22 |
> just like POSIX ACLs were. |
23 |
> |
24 |
> I think you can manage this with incron and POSIX ACLs. Instead of |
25 |
> running "chmod g+w", use sys-apps/apply-default-acl to reset the |
26 |
> permissions to the defaults that you set. |
27 |
> |
28 |
> I wrote apply-default-acl to solve exactly this problem. You just need |
29 |
> to figure out a way to run it whenever things get screwed up. Which |
30 |
> means, whenever a file or directory is created. |
31 |
> |
32 |
> |
33 |
> [0] http://www.bestbits.at/richacl/man/richacl.7.txt |
34 |
> |
35 |
> Changing the file mode permission bits: |
36 |
> |
37 |
> When changing the file mode permission bits with chmod(1), the |
38 |
> owner, group, and other file permission bits are set to the |
39 |
> permission bits in the new mode... In addition, the masked and |
40 |
> write_through ACL flags are set. This has the effect of limiting the |
41 |
> permissions granted by the ACL to the file mode permission bits... |
42 |
> |
43 |
> |
44 |
|
45 |
Hm, I'm confused. Is it not possible to somehow force |
46 |
samba to set a user and a group as owners of a file or |
47 |
of a directory which is being created on a share? |
48 |
|
49 |
If that was possible, couldn't I mount that share with |
50 |
the uid and gid of the owner and group samba enforces, |
51 |
which would then allow multiple local users to access |
52 |
the files and directories on that share as one? |