Prev: [Samba] Browser Elections Failing
Next: Samba Scenario
From: Hasnain Badami on 6 Jul 2010 10:20
Hi All

I have been asked by my company management to look into moving file share
server from Windows 2003 server OS to Ubuntu 10.4 using Samba. I have
successfully configured active directory authentication using winbind and
have configured samba and am able to access my file share successfully.

The complication arise as a result of implementing ACL mappings on Linux, as
I need fine grained control over specific subfolders and files. From what I
have read, I cant map all 13 permissions to respective unix rwx permissions.
I have a use case where a certain group called A has read write execute
rights on a folder/file but they shouldnt be allowed to delete the specific
folder/file. On windows, all I have to do is set up my security permissions
to deny 'delete subfolders and files' and 'delete' and it works well. In
linux world I understand I cant do this as the user has rwx permissions on
the folder/file and he can do whatever he likes.

I googled a lot around this issue and found that if you set up sticky bit on
the directory I can still read and write from the file or directory and wont
be able to delete it. It works in case of most document types but MS office.
From samba help I figured that "Word does the following when you
modify/change a Word document: MS Word creates a new document with a
temporary name. Word then closes the old document and deletes it, then
renames the new document to the original document name." The url is
http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/AccessControls.html#id2615334
So
if the sticky bit is set on the directory containing word files for
instance, linux wont be able to delete the file (as required in write
operations by MS office) and hence comes with an error.

I shall be highly obliged if some one can shed light on this issue.
Alternatively I would love to learn about other solutions for the use case
mentioned.

Thanks in advance

Hass.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
 | 
Pages: 1
Prev: [Samba] Browser Elections Failing
Next: Samba Scenario