General :: Samba File Permissions For Multiple Groups In The Same General Path?
Nov 4, 2009
I'm using my Linux (SLES 10) server as a File Server at this point. I need to set File Permissions to nested folders differently to different groups. For example:
homesharedengineering* should be read only for groupA
homesharedengineeringadmin should be read & write for groupB Plus read only for groupA
homesharedengineeringautocad should be read & write for groupC Plus read only for groupA
I've been using Webmin and Putty to set permissions but Putty only allows me the Default Group, it won't allow me to set several groups on the same directory. Webmin seems to allow me to add multiple groups (Webmin --> Others --> File Manager --> Info & ACL tab will provide extended abilities) but when I add multiple groups, they don't seem to take effect? I'm wondering if my setup at the 'Share' level or at the hierarchy of my folder structure (unix based) needs to be set specifically?
this directory has permissions 750 and is owned by user1 and group user1 I have an admin user that is primarily a part of group admin, but also a part of group user1 what would stop admin from having read and execute permissions on this directory? I'm running clamav and have a clamd daemon running as user admin (I could run it as any user, and I may make a special user later, but I don't want to run it as user1, user2, etc).
I have 2 (technically lots more, but let's just say 2 for now) users, user1 and user2 that have home directories /home/user1 and /home/user2. each is owned and group owned by user1:user1 and user2:user2 respectively with permissions of 750. my admin user is part of groups admin, user1, and user2 I need this to be able to scan my user's directories using the command (is this correct?):
If I change the directory permissions to 755, it works fine.Or if I leave the permissions 750 and change the directory group ownership to admin, it works fine. So, why would this be? Obviously it is a permissions issue, but why is it not reading admin as part of the user1 group and allowing the same permissions as it does when making the directory group-owned by admin?
I have a remote directory shared over NFS called tech with perms set as 0750 and owner set to root:tech. I have 2 groups: tech, and techAdmin. tech can read and execute within tech/. techAdmin can read, write, execute. I have 4 users: user1, user2, user3, user4. user1 and user2 is a member of techAdmin, user3 and user4 are members of tech. simple so far...but wait here's the problem. If user1 creates a file inside tech, user2 cant read or modify it because user1 owns it. Here's a few sites that reference this problem:
I am using mount.cifs to mount a remote samba share (both client and server are Ubuntu server 8.04) like this:mount.cifs //sambaserver/samba /mountpath -o credentials=/path/.credentials,uid=someuser,gid=1000.I mounted a user from local system with username and password with mount.cifs but the problem is that the user is part of multiple groups on the remote system and with mount.cifs I can only specify one gid. Is there a way to specify all the gids that the remote user has?
Mount the remote samba with multiple groups on the local system?Browse the mount from 1) with the terminal since I want to pass some files from samba as arguments to local programs.which runs through gvfs; but the newer gnome does not write to disk the ~/.gvfs anymore so I can't browse it in terminal. And the last solution would be NFS but that means that I have to synchronize the uids and gids on the local system with the ones from the server.
I am having problems with groups and file permissions. I have a file owned by myself
Code: -rw-rw-r-- 1 diblemar users 2.1K Jun 3 06:02 /cluster/shared/Injects/1404_1405_1000033606_79964.return.xml
I want to modify the file using a cgi script running on an apache server (on the same machine). Both diblemar and apache are in the same group.
However, I receive a file permissions error when I try to modify the file. I assumed that with the permission settings above apache would be able to modify a file owned by someone else in the apache group.
I'm trying to learn about permissions on linux webserver with apache.Some clues to the system: The server I have to play around with is Fedora based. Apache runs as apache:apache. To allow for e.g. php to write to a file the file needs to be chmod 777. 755 is not sufficiant.What I'm wondering is basically how set up permissions like they should be on e.g. a "shared web host".My main problem is that if I set a permission so that one user cannot access anothers home folder, then apache can't read from the public_html folder either.
To keep the users out I need to set chmod 700. But to let apache to read I need to have at least execute on world,so a 701 basically works, but won't let some users in.So I'm really stuck on what to do. Have been concidering adding the apache user to the frous grours below to avoid having to add the world execute flag, but is that a bad thing? Should it be the other way around, the users in the groups below should also be in the apache group?I was aiming at having 4 groups:
1. webapp: same as dev_int, but is the only one that can go inside the webapp/live folder to e.g. do an update from the repo.
2. dev_int: can read,write and execute everything in the "web root", including the two below, but nothing outside of the web root
3. dev_ext: can read write and execute in all client folders, but cannot access anything outside of the webapp root
4. clientsBasic ftp accounts. Has a home folder with a public_html, but cannot access any other home folders
Kernel 188.8.131.52, slackware 12.0 For a given app run by me as user john to be able to create a file in /foo1/foo2/, what do I need? (a) john to have write permissions in /foo1/? (b) john to have write permissions in /foo1/foo2/? (c) john to have write permissions in both /foo1/ and /foo1/foo2/? Any hint will be welcome. Note: No. It's not homework. KTorrent complains when trying to create the files being downloaded, saying 'permission denied'. But I think he is being run by another user. I can explain in a different thread.
I am setting up a samba server to operate in a windows AD domain. I want to set permissions for multiple groups to have different levels of access to one group of files, and it looks to me like unix permissions will not do that? I always hear about how robust linux is, and it seems to me that their file permissions model is WEAK compared to microsoft's?
I am currently using the following code in order to set a user's primary group in samba.Code: force group = +group.This almost does what I need but I was wondering if it is possible to list multiple groups. Something like this would be exactly what I need.
Code:#If user is in group1 set it as primary group, if in group2 set it as primary.force group = +group1, +group2. Does anyone know if this is possible or if I could use a script to force the primary group?
i have 3 shares on my samba. i have users - user, manager and boss projects is RW to everyone reference is R to everyone RW to manager and boss Proposals is RW only to boss, no access to others However when boss logs in and creates a directory in projects share, the directory can only be renamed bu users and manager, and directory contents are read only for users and managers, even deletion / rename is denied. How can i make sure that when ever boss creates a directory in projects, it retains base folder permissions and is writable to user this is my samba file... i am using red hat 6.1 with samba 3.5.6 (i think)
I have an Ubuntu development server and a Windows 7 workstation. I use Windows Gvim to edit files on the linux server, over a samba connection.Saving files from Windows change the Linux permissions in weird way depending on the Windows app I'm using and also depending on whether there's a file extension or not.Here are some testsNo extension; Notepad2: 644 to 764
matt@mattserver ~ % ls -l testfile -rw-r--r-- 1 matt matt 0 2011-05-28 07:09 testfile --- Save from Windows Notepad2 over network ---
i have 5 groups, i want to set 3 of them to have full permissions to a folder and set 2 others with read only to same folder, please help me to solve this problem. in other words i want to set this 5 groups diffrent permissions to a folder.
I'm new to LVM. I use Red Hat and CentOS 5. I'm setting up a database server and I want to setup the local drives for performance. My plan is to have three storage locations, 1st for Linux, 2nd for the application, and 3rd for the data files. Each location will be appropriately redundant. The OS and application drives will be local. Because my goal is to dedicate one spindle for the OS and another for the application, is there a best practice that would say I should create two LVM volume groups.
Each with one logical volume associated with one of the physical partitions or one LVM volume group with two logical volumes each associated with one of the physical partitions? I've read that a physical disk can only belong to one volume group. So if I want to add 70GB to both logical volumes, I could add a single 140GB drive to a single volume group and then add half to each logical volume. If I have two volume groups, I would need to add two additional disks. I may be missing an obvious consideration or be missing a basic concept of LVM.
Having set up many windows servers with complex permissions on shared folders, I now have to do the same in Linux (and I'm such a noob to Linux) I understand that each file/folder is assigned a user + group, and that the rights can be set for the user, the group and global (aka everybody else) My challenge is this, inside my shared folder there is a folder that should be RW to some users, READ ONLY to others, and not accessible at all to the rest of the users. (lets call the folder MyFolder ) All 3 groups have more than 1 user, so they have to be groups (right?) How would this model work in Linux ? If there is no other way, I guess I can nest the MyFolder in a folder that has permissions to allow all users that may access MyFolder, and block the rest, then on MyFolder, set owner group the RW users, and set global to READ ONLY.
Ps : The server I'm setting up runs Debian Lenny, files will be accessed from windows workstations using samba.
I'm taking here about tins of directories, thousands of files. I'm looking to find a command that makes me able to move the results above to another path, and to create that path once it doesn't exist like below:
I've been looking around the net for executing a shell script. My basic understanding is that after setting executable permissions and providing a path (#!/bin/sh) in the first line of the script, I can type ./myscript to execute instead of sh myscript. This is not working for me. I can run "sh myscript" but not "./myscript" even though I know for sure I have across the board execute permission and my sh path is correct. I'm working on a redhat linux station.
I can not manage file/folder permissions for created shares. I need get access from Win system to Linux shares. Actually I have access to its, but only to read folders and files. I tried to change permissions in create mask = 0765 and set it to 0777, but no success.
1.Added user # adduser samba # smbpasswd -a samba #set his password # smbpasswd -e samba #activating it 2. Installing SAMBA service
Folder /media/DATA/VIDEO not browseable and cant't enter it on Win system. It located on USB External HARD Drive, and attached to Linux system.
So i am at the stage of about to install the basic system and am using a derivation of the package management provided by Matthias S. Benkmann. To this end I am using his useradd and groupadd scripts to update the files:
My issue is that when I run the commands(created as part of temporary system when installing coreutils):
/tools/bin/su linux #then as user /tools/bin/groups
(here linux is the name of the user) This only returns the user being in the group named after user but not the additional group of 'install' Also, prior to logging in as user, if I use this command as root:
linux install This then returns that the user is in the correct groups. Lines from relevant files look like:
I have a folder at /home/www/, and the owner is www, which is part of the www-group. I have another user, john, part of the john group. How can I chown /home/www/ to make it writable by both www and john?
I have a samba shared folder in my flash disk. Yesterday I installed ubuntu 11.04 and now sharing is not working any more. I do the usual procedure (that worked so far), I right click my folder > sharing options and tick "share this folder" as well as "Allow others to create and delete files in this folder" but I dont get the usual messages asking to add permissions automatically.When I try to mount my folder in another pc with linux, I get permission denied and that the folder is only readable and in another, windows cannot find the network path to my folder.My folder has about 10.000 files. asking to add permissions automaticallyI created another folder on the same flash and when I create share I get the message asking to add permissions automatically but it is not visible either. I even cant see my folder in "my places" > network, so it is not a matter of the mounting command
I have mounted samba volume and I need to have write permissions for every new folder that's being created (currently, by default, on every newly created folder i have only read and execute permissions).I tried changing umask, but with no effect on mounted folder, umask changed only for local filesystem. I tried mounting with umask option, but with no effect again.I'm using ArchLinux on this machine, and I installed samba using default package manager (pacman).
There is a folder that is owned by user tomcat6: drwxr-xr-x 2 tomcat6 tomcat6 69632 2011-05-06 03:43 document. I want to allow another user (ruser) write permissions on document folder. The two users (tomcat6 and ruser) does not belong to same group. I have tried using setfacl: sudo setfacl -m u:ruser:rwx document
but this gives me setfacl: document: Operation not supported error.
I have a problem with file permissions over samba. I am running a web server, and this web server needs to be able to delete a file. The php code is correct, because it works on other sites. The php code is failing when it deletes a file because it is being ran as the www-data user. And the permissions on the files that are created on the share are as follows:
ns$ ls -l -rwxr-xr-x 1 root root 129628 Feb 6 08:16 20110206071748532.pdf This directory is mounted on: /var/www/files/23982dbb7a454425ce17a22bedc00776/scanned/AEC_Scans This is done with the /etc/fstab file: //192.168.58.2/Scans /var/www/files/23982dbb7a454425ce17a22bedc00776/scanned smbfs username=administrator,password=somepass
I had a situation in which the the path of the file to be copied is written in other file and I had to copy it using shell script..I can use cp $(cat /home/robert/location.txt) /media/sda1 on normal linux shell...But I am using buildroot script where $(cat /home/robert/location.txt) evaluate to nothing..is just blank..